In this article (video here), we suggest that decentralised autonomous organisation (DAO) governance starts with initial coin offering (ICO) governance. ICOs are now the standard route to funding the setup of DAOs.

More and more tokens involve sharing network or transaction fees with the token holders and some form of participation or responsibility with the token holders for the continuation of the project.

These are all likely to be regulated, but, at times, illegal shares.

However, the purpose of this article is not to comment on the legality of DAO tokens. It is to present a way to address the risks of unaccountable token issues in a way to assure some consumer, and even founder, protection.

The exuberance of ICOs has survived the DAO due to the Ethereum ‘bail-out’. As said, ICOs are the standard funding routes for new blockchain protocols or decentralised applications (DApps). We can’t avoid the mistakes ICO founders will make in designing regulated and sometimes illegal tokens.

But we can set a new trend that goes some way to protect the consumer who will access these tokens. Here we present the notion of a Verification Agent to be there to hold the ICO issuer to account on statements made, and to ensure the Founders reach their project milestones. This is an idea presented to give ‘food for thought’ only – it is not a full blueprint to be relied upon in any way. If the industry is interested enough it will develop the Agency model or think of an alternative solution.

In the same way that building a solid foundation comes before building a house, ICO governance comes before DAO governance.

Even if the Slock IT DAO was high-profile and was presented as one of the first DAOs to be created, in actual fact – in cryptocurrency – we already have DAOs.

Bitcoin was the first fully-decentralised instance of this.

Technology comes in waves and so does nomenclature.

‘DAO’ is just a newer word for a pre-existing concept.

But DAO is not a concept that will go out of fashion.

Most ICOs happening today involve some form of participatory and revenue share-based model. For example: share the network or transaction fees with the token holders.

My piece on governance here is not about how best to maintain a DAO once set up, such as, for example, governance surrounding updating the bitcoin protocol.

Here I am making an assumption.

The assumption is that DAOs of the future will always start with an ICO.

And there is a very simple reason why that is the case; funding is required to build an organisation.

And I suspect there are fewer people with funding and DAO ideas, than there are DAO ideas with no funding.

Zcash is a DAO that raised funding privately. They could afford not to bypass the ICO.

If the assumption is correct that DAO and ICO is the trend, then before we look at the governance model of an organisation that hasn’t been built yet, we should look at the governance with regards to the initial financing by the crowd of that particular organisation.

So, my piece on governance here is also about accountability of the ICO process first.

For me, the driver here is consumer protection.

Now that doesn’t come from altruism per se. It comes from the simple fact that the more you destroy public confidence, the more likely a government reaction will be stern – as no government likes its citizens being exploited – and, as a result, the less likely blockchain technology will reach the mainstream.

Regarding the DAO tokens. One thing that is for sure is that most DAO-like tokens are regulated for the most part in the real world. I don’t and the Securities and Exchange Commission (SEC) would not subscribe to the view that because it is bitcoin or virtual currency, it does not seem to matter.

In certain instances, in fact, the token issued would be illegal. This is based on the fact that if it is deemed a share, then a share must have registered owners. If it does not have a registered owner – like most decentralised cryptocurrencies – then it is a bearer instrument. Bearer instruments are illegal in many countries now. It is important to understand that this article is not to comment on whether DAO tokens are securities and or regulated in some way.

To be quite frank, most projects do not seem to pay much heed to whether the token is regulated or even illegal for that matter. The ICO community simply follows the previous ICO approaches, with the mistaken assumption that the previous guys knew what they were doing.

This is the ‘piggy back’ approach. Piggy back on assumed homework done by the previous ICO, and feel falsely reassured that if a regulator were to go after you then that regulator would have to go after the other projects too.

The point here is that, I, nor any professional, can force a community to reverse a bad trend.

But one area where we can offer value is to create a new trend that has nothing to do with the token itself but promotes good ICO governance.

That could protect the token holders from fraudsters, empty promises and Ponzi schemes.

Obviously, it is not my role to be the guardian of token holders. But it has always been my priority that consumers are protected for the above reasons.

When we founded the UK Digital Currency Association (UKDCA) we argued that regulation of virtual currency was not necessary. Instead, the industry should come together to promote consumer protection standards.

I don’t want to be cynical, but the industry has not taken up this opportunity yet. This is partly because the consequences of a bad ICO are not felt immediately. It usually a few years before the project is ready – and a few years in blockchain is a lifetime. When I started, there were around 300 altcoins, and at the last time of checking there are now 800.

So, let’s look at the current problems?


Oftentimes, founders say: ‘we will build a corporate structure once we have funding’. Therefore, an individual founder or promoter is left controlling the crowdfunding assets. This is a dangerous precedent to set for security and fraud-related issues.


Statements made by founders are rarely verified by an independent source. This may lead to promises that are unlikely to be fulfilled.

For the founders this presents a liability risk – in certain instances it exposes the founders to fraud based claims.

Due diligence for ICOs seems to be outsourced to ‘Reddit’ and ‘Slack’ forums. But this cannot replace standard due diligence expected for any crowdfund.

‘Slack’ and community-based due diligence can supplement not replace standard due diligence expected.

Liquidity of Token is a Problem and Benefit

Standard equity crowdfunding is done with illiquid shares – this means the investors can rarely get out of the investment. Which is a bad thing for a retail investor.

However, founders of a standard company are usually subject to vesting rights. They cannot exit the company early without a consequence for their shareholding.

With ICOs all token holders – including the founders – have the ability to liquidate their holdings.

So understandably the ability to liquidate means the token is increasingly exposed to ‘pump and dump’.


ICOs are exciting to start with but can be problematic in its delivery. To a certain extent there is a lack of standardised transparency on delivery.

Surely, if you were paid to do a job you would have milestones to reach and that your remuneration would be tied to achieving those milestones. How could it be in anyone’s interest to complete a project if they have all the funding upfront?


Share crowdfunding is regulated in certain countries in the EU. The main purpose of regulation in crowdfunding is to protect the investor. A crowdfunding platform provides a service that effectively promotes investments and, as such, the platform owes a duty of care to the investors. With that in mind, it is the role of the crowdfunding platform to provide some independent due diligence on the project at hand. This is not the same as a full regulated listing on a stock market. A listing – understandably – involves an extensive amount of due diligence on the project concerned.

All of the above is to say that ICOs need better support to ensure that investors and founders are adequately protected. 

This is not to say that we need to put ICOs on regulated crowdfunding platforms.

We cannot change the current ICO trend.

But we can think of new solutions that may be able to support what is being done. Now let’s look at the problems again and potential solutions.

In summary, the key problem above of an ICO is accountability. The solution therefore is simply holding the founders accountable.

I suggest this could be done in very a pragmatic way.

I suggest that an independent third party – not a crowdfunding platform or a regulated entity necessarily – assists the ICO issuer in simply verifying certain statements made by the Issuer. That same third-party can hold the ICO issuer to account on the milestones that they set for themselves.

I am referring to this entity as the ICO Verification Agent. This agent receives data from the ICO project founders and reviews and verifies statements made. This is much like the role of an auditor.

This verification service of course could be provided on the blockchain. The Verification Agent would sign with their private key statements recorded on the blockchain possibility in the genesis block of the ICO. Now the question is what is the scope of the role of the Verification Agent.

Does the Verification Agent owe a duty of care to the investors? I would say that they shouldn’t, as no Verification Agent would want that exposure.

The Verification Agent is simply contracted by the project owner to provide independent verification services.

What would the Verification Agent check?

I suspect that the best way of this working is to have a standard format Token Subscription Document.

This Token Subscription Document template could be a standard one-page document that every ICO would use.

In that document, it would state the most basic but essential details about the project. Here are some examples:

·      Who is behind the project?

·      Name of incorporated entity issuing the coins

·      Country of incorporation

·      Allocation of funds

·      Designation of milestones

·      Supplementary services of the Verification Agent. The appointment or not of the Verification Agent to provide co-signing services based on milestones achieved.

·      The appointment or not of the Verification Agent as an arbitrator in the event of a dispute between the parties.

The Verification Agent would not comment on whether the token is legal or not or regulated or not. The Verification Agent is simply there to ensure that the Founders: have done what they have said they have done and do what they say they will do.

If at a later stage the Verification Agent receives notice that the token is illegal or regulated as a Security then it will withdraw from the verification services contract with the project owner.

Two other supplementary roles envisaged would be for the Verification Agent to act as a co-signor for milestones achieved, and/or to act as an arbitrator in the event of dispute.

People have tried to do this before. But they have always been involved in issuing the coins themselves, and dealing with the question of whether the token is a security or not. And that brings heavier risks for the Verification Agent which are not warranted. The role of the Agent is simply to be independent and verify facts or statements made not to issue coins.

In terms of the co-signing responsibilities, the Verification Agent can provide a co-signing service to the Founders, to ensure that the funds were spent in accordance with the subscription document. The co-signing service would be ‘passive’ – in other words, the Verification Agent would not be able to initiate a transaction.

I should envisage that this Verification Agent should become an institution for the whole ICO community. An umbrella organisation servicing all ICOs. The key with this arrangement is that the Verification Agent should not in itself need to be regulated – accountable yes, but not regulated.

So up to here we have looked at accountability and how that can be addressed with ICOs. This is not to say that the above is legal or regulatory advice for someone who may want to set up that Verification Agent service. Of course, a lot of detail and research is needed. This solution presented is merely there to give you – as an industry – food for thought.

There will come a point where consumers get burnt with ICO tokens and that public policy will drive enforcement in this area. Also, remember that fines will apply retrospectively to your activities. ‘Disengorgement’ is a type of damages award that does not let you profit from an offence. It is not a question of if enforcement will happen, it is a matter of when.

I would urge the industry to come together to consider a better and fairer way of doing ICOs. That the consumer and founders should be protected and the founders should be accountable. That surely is the minimum needed.

Well you may argue that what is the point of protecting the consumer by using a Verification Agent, if the SEC will sue you nonetheless. It is in your self-interest to do so to protect you as a founder of a project from claims of misrepresentation (fraud), embezzlement of funds, and other claims that may be raised by third parties.

In conclusion, a DAO should think about governance from the start of its venture. In particular, the largest area, is in the initial financing through an ICO.

Note: the Verification Agent itself could well be a DAO or a Decentralised Autonomous Regulator (DAR).

Thomas Oliver Matthews