Guidelines on Securities Token Offerings (STO), released by the Bank of Lithuania gives recommendations on raising capital through STOs and provide more clarity for STOs Smart contracts and their auditing.

On 17 of October 2019, the Bank of Lithuania released Guidelines on Securities Token Offerings. The Guidelines provide clarity regarding the legislation and regulatory implications on tokens that have features of securities. The Guidelines gives position and recommendations of the Bank of Lithuania regarding Smart contracts and their auditing too, when Security Token Offerings (STO) has to be issued.

SMART CONTRACTS AND AUDITING

All features of investment-type tokens have their characteristics in the form of related rights, terms and conditions, and so on, are implemented as described in the Prospectus and executed in a digital Distributed Ledger Technology (DLT) environment using smart contracts.

As recommended in the Guidelines, the development and audit of smart contracts should be carried out with particular care. The Guidelines provide the following main recommendations when developing smart contracts:

Issuers of tokens have to take into account that smart contracts would be developed by experienced, trusted service providers with a good reputation and proven track record, if possible. Development of smart contracts should be completed by third parties but not by parties related to token issuers.
Information developed within smart contracts should be made available to all types of potential investors, not only with specific education ‒ smart contracts should be translated into traditional language and clear smart contract schemes added.
In order to avoid possible smart contract development mistakes in internal logic or technical coding, and to assure investors that a smart contract implements the token holder’s terms and rights as described in the prospectus, token issuers should invite third party service providers to audit smart contracts.
Smart contract audit service providers should not be related or involved with issuers and smart contract developers. To ensure transparency and reliability, the content and scope of smart contract auditing should be disclosed to reveal what was audited and what conclusions were drawn.
Automated execution of smart contracts for investment-type tokens must be formally confirmed by independent institutional third parties: a notary, public register, and the like.

The Guidelines lay out the neutrality regulation policy exercised by the Bank of Lithuania in regard to technology, meaning that regardless of the technology applied, the same rules and principles ought to be enforced. The Bank of Lithuania also expressed support for a substance-over-form approach. This means that specific investment forms, such as tokens, despite their form, will be valued from the perspective of financial instruments and might be recognized as having features of transferable securities.

Types of tokens

The Guidelines identify four types of token based on their primary characteristics and their purpose:

“Payment-type” tokens that serve as a means of exchange or payment for goods or services (transfer value).
“Utility-type” tokens that provide some “utility” or consumption rights, eg, the ability to use them to access or buy some services/products.
“Investment-type” tokens are tokens with specific characteristics, meaning that they meet the definition of transferable securities or other financial instruments. These instruments include a share or debt instrument as set out in the Law on Markets in Financial Instruments and fall within the financial regulatory and supervisory framework.
Hybrids of “investment-type” and/or “utility-type” and/or “payment-type” tokens involve a mixture of the above-mentioned rights typical of “investment-type” and/or “utility-type” and/or “payment-type” tokens.

Utility and payment types are common and are not regulated by legal acts related to securities, while Investment-type tokens do fall within the scope of such regulation.

Investment type tokens as securities

The Guidelines further establish criteria common to an Investment-type token:

Tokens that provide their holders with similar or equivalent rights to shares, ie participation in the management of company rights, entitlement to part of the company profits or distribution of capital upon liquidation ‒ if the tokens are negotiable.
Tokens that create and represent debt owed by the issuers to the token holder may be considered as a debenture and fall within the scope of transferable securities ‒ if the tokens are negotiable on capital markets.
Tokens that give their holder rights similar to those given by other securities (eg, options, warrants, structured bonds, derivatives) are considered investment-type tokens.
For a token to qualify as a transferable security it must be negotiable. Although there is no definition of negotiability in Lithuanian law, the Guidelines note that a token should be considered negotiable if it can be transferred or traded on the capital markets, adding that even the abstract possibility of being traded or transferable on capital markets should be sufficient to state that a token is negotiable. On the other hand, it is noted that the token itself and its tradeability or transferability can be restricted on a contractual basis, although the factual transferability of the token should be evaluated on a case by case basis.

The Bank of Lithuania also emphasizes that there is no “one size fits all” solution when it comes to legal qualification of tokens, so that each case must be considered in a broad sense.

Since investment-type tokens share the characteristics mentioned above, according to the Guidelines, the full set of national and EU-related rules apply, including ‒ but not limited to ‒ the Prospectus Regulation, the Law on Securities, the Law on Markets in Financial Instruments, and so on. Furthermore, when tokens are considered to be financial instruments, related activities could also be considered as a type of MiFID II or Law on Markets in Financial Instruments investment/services and activities, so that further regulation could also apply.

Obligation to publish prospectus

The Guidelines further note that when offering investment-type tokens to the public or when such tokens are admitted to trading on a regulated market, a prospectus must be published, unless exemptions apply. However, mere admission of investment-type tokens to trading on a multilateral or organised trading facility without any feature of public offering is not to be regarded in itself as an offer of securities to the public and therefore is not subject to the obligation to draw up a prospectus.

The Guidelines specify that a prospectus for an investment-type token should include:

detailed information on the issuer’s business,
the features and rights attached to tokens being issued,
the terms and conditions and expected timetable of the offer,
the use of the proceeds of the offer,
the specific risks related to the underlying technology.

Aspects to consider when preparing a prospectus

Considering that most securities token offerings will be the first time in public for their issuers, the Guidelines have recommended that issuers should consider the following aspects:

Evaluate what group of investors the issue is intended for. Prospectuses for retail investors should contain more explanations, avoid excessive technical or specific concepts, formulas, and the like, while prospectuses for professional investors may contain more technical information, although this should be precise, straightforward and detailed.
Clearly indicate the purpose of the issue, what the funds raised will be used for, the costs of the issue, and other information which is required to be disclosed.
Avoid presenting an over-optimistic prognosis and claiming benefits that are not based on particular calculations and assumptions. Expected benefits should not be described in more detail than risks.
Clearly describe specific risks related to these types of securities. Such risks might include maturity of businesses, low liquidity of these types of tokens, token trading platform-related issues, DLT technology safety-related issues, lack of legal protection for owners of investment-type tokens and no coverage of possible losses related to possible hack.
Comply with other disclosure requirements applicable where traditional securities are being issued.

The article was prepared in collaboration with Law Firm Sorainen, who offered their insights regarding types tokens, tokens as securities, Prospectus for STO’s among other related aspects. DevSlate Group and Sorainen actively participated in the process of developing the Guidelines.

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.

Bank of Lithuania Guidelines on Security Token Offerings