Mankiw Research | Detailed Explanation of the SEC's "Issuance and Sign Up of Crypto Assets"

On April 10, 2025, the U.S. Securities and Exchange Commission (SEC) Division of Corporation Finance released a significant policy document: "Offerings and Registrations of Securities in the Crypto Asset Markets." Although the title is mild, it is essentially a standardized disclosure document guideline for issuing coins in the Web3 industry. This is not a new enforcement announcement, nor is it a penalty notice for a specific project, but rather a disclosure guideline with significant practical implications. The SEC very rarely uses nearly four thousand words to tell you point by point: if you want to issue tokens and raise funds compliantly in the United States, you must clearly outline and explain these matters. You can think of it as a prospectus for Web3 projects to enter the U.S. capital markets, as well as a clear boundary map drawn by the SEC for the industry. Background: Why did the SEC issue this document? In recent years, more and more Web3 projects are taking a compliant path, trying to raise funds publicly in the form of securities. Many projects have adopted the following methods: • Register public offering (like an IPO) with the SEC through Form S-1; • Use Reg A+ for small fundraising, bypassing the complete IPO process; • Submitted Form 20-F by overseas team to enter the U.S. market; • Even issue ETF products linked to Tokens using trust structures. The SEC has noticed that the registration documents submitted by different projects vary widely; some are simply copies of white papers, while others are filled with technical jargon but lack substantial content, and some even obscure basic risk factors. To regulate industry practices, the SEC's Corporate Finance Division has issued this policy, listing the core information that must be disclosed when issuing coins for fundraising. It does not have legal effect, but has effectively become the industry’s default registration reference standard. The beginning of the text specifically mentions: "to provide greater clarity on the application of the federal securities laws to crypto assets..." - providing clearer guidance on how securities laws apply to crypto assets. Business Disclosure: It's not about talking dreams, but about what you are actually doing. The SEC emphasizes that project parties must submit a complete description of their business. This requirement is standard in traditional IPOs and has now been explicitly included in the Token registration process. “Issuers are required to disclose information material to an understanding of the general development of their business.” In simple terms, no more using the narrative of "blockchain + future vision" to fool investors; instead, it should be clearly and concretely stated: • What project are you working on? Is it L2? DEX? GameFi? DePIN? • What stage is the project at now? Is there a mainnet? User count? On-chain activity data? • Will you still operate after the launch? Is the project team disbanded? Or is it handed over to the DAO? Does the DAO have a clear governance structure? • How do you make a profit? Is there a clear monetization path? Through transaction fees, token premiums, or ecosystem feedback? • What is the purpose of a token? Is it for governance, gas, service credentials, or is it an investment certificate? The SEC specifically pointed out that "talking about technology and ecology" cannot replace the real business situation, nor can the white paper be copied verbatim. The materials must reflect your specific, clear, and quantifiable business model. Technical structure disclosure: If you say there is a chain, you must clarify the construction of the chain. The biggest highlight of this SEC document is that the technical disclosure section is written in unprecedented detail. "The objectives of the network and how the technology… functions and accomplishes its objectives, including architecture, software, key management…" The specifics include the following contents: the goals, uses, and operating mechanisms of networks and applications; Consensus mechanism, transaction confirmation method, block size, gas mechanism, transaction throughput; Wallet system and key management method (whether it is self-custody and whether it supports multi-signature); Is the network open source? Who does the IP belong to? Are there any patent disputes? Is there a network upgrade mechanism? What is the upgrade proposal process? Who has executive authority? If governed through smart contracts, are those contracts audited? Who will maintain it? Is it upgradable? The SEC also requires projects to explain the responsibilities and interactions of various roles in the network — including users, developers, validators, governance participants, off-chain service providers, etc. You can no longer just say "we have a chain, running on-chain," but must explain the technical details of the chain, governance mechanisms, and upgrade logic as clearly as describing the governance structure of a company. The above projects may not all apply to every project; the SEC does not mandate that all projects disclose this information, but rather states that "if this information is a component of your project and is significant to investors, then you must disclose it." Token disclosure: If you are issuing a security, disclose according to the standards for securities. This part is written very straightforwardly by the SEC: If the Token you issue falls under the category of securities (which is highly likely), then you have to disclose its attributes and rights structure just like you would for stocks. "Rights, obligations, and preferences… including voting rights, liquidation rights, redemption terms, etc." You need to answer the following questions: Does Token represent the right to income from assets? Right of liquidation? Suffrage? Is the token transferable? Are there any lock-ups, lock-ups, or circulation restrictions? Does it have functions such as splitting, staking, buyback, and burning? How are the rules set? What is the mechanism for generating tokens? Is it a one-time mint? Regular releases? Is there an upper limit? Is there a special token structure for the DAO (e.g., governance token vs. economic token)? Does the contract support upgrades? If so, who has permission to modify the logic? Have you done a third-party audit? Is the audit report public? You can design your Token model with strong technical logic, but in the end, you still have to translate this model into the language commonly used by the SEC for review. At this point, it's not about innovation, but about whether you can explain it clearly. Risk Disclosure: It's not just about price fluctuations, but every point you are worried about that needs to be clarified. The SEC has always been most sensitive to risk disclosure. It emphasizes that risk is not a decoration of the process, but an obligation of the project. "Material factors that make an investment speculative or risky… including technological, regulatory, and operational risks." The risks you must disclose are more than just "Token price fluctuations": Risks related to the issuer's planned business operations, such as risks related to technology and network security, as well as the implementation of the issuer's business and reliance on other networks or applications. Risks related to securities, such as risks related to any unique characteristics of the securities, including their form, price volatility, the rights of holders or their lack of rights, valuation and liquidity, supply and custody. Risks related to other applicable laws and regulations, such as whether the issuer's activities need to be registered with the Financial Crimes Enforcement Network or certain state financial services agencies under the Money Transfer Act, or registered with other regulatory agencies, such as federal or state banking regulators or the Commodity Futures Trading Commission. All of these must be disclosed truthfully, even if they sound like they will "affect financing." The SEC's bottom line is "do not hide," otherwise you can expect a letter from the SEC. Issuer management information disclosure: Who are the operators, who took the money, must all be written down. You can say that you are a DAO project or a foundation control, but the SEC will not listen to you introduce yourself, it looks at "who is making decisions, who can issue tokens, and who gets substantial benefits". "Disclosure is required for persons who do not hold formal titles… but who perform policy-making functions." Who is the management team of the issuer? What information is related to their identities and experience? Who are the participants in project governance, funding decisions, and roadmap formulation? Which service providers are operating the project? Were consulting fees or technical fees paid? Do any employees or teams hold a large number of coins? Is the smart contract or network code entrusted to a specific team/organization? Even if you use the most complex structure for packaging, you must disclose the actual controlling parties. The SEC is not hostile to structural design; it just wants you not to "hang a sheep's head to sell dog meat." Finance and Audit: You didn't just issue a token, but brought yourself into the SEC's view. Many project parties will say: "I don't have operating income, why do I need financial statements?" The SEC doesn't want you to embellish the financial statements, but rather to clarify these matters: Are tokens included in assets? Is the pre-sale treated as a liability? Is there a use of tokens to pay for services? How is it measured? Do token incentives, token releases, staking interest, etc. constitute expenses? Is there an on-chain income flow? How are they confirmed and audited? Do tokens generate dividends, rebates, or compound interest similar to traditional securities? The original text states: "Issuers are required to provide financial statements that comply with applicable requirements..." You need to submit financial statements in standard format (especially S-1, Reg A+, 20-F paths) and provide clear accounting treatment for Token-related assets, liabilities, revenues, and expenses. The SEC specifically pointed out that if the rules of your Token are written in the contract and the on-chain governance rules are determined by code, then this code itself must be submitted as an Exhibit and updates must be synchronized. "We have observed filings include as an exhibit the code of the smart contract(s)…" That is to say: The smart contract address, version, and audit status must be disclosed synchronously; whether there is an upgrade logic and whether it is controlled by a minority must also be explained; if the contract controls the Token release rules, then this is the "securities agreement" of your project. Mankun Lawyer summarizes: Compliance is a collective coming-of-age ceremony for the industry. Many entrepreneurs' first reaction upon seeing this SEC document is: "It's too complicated, let's try another country." But this document is not a rejection of Web3; rather, it is an attempt to invite Web3 to the public market and toward institutionalization. It is not a red light, but a roadmap. Do you want to really get the money from traditional institutions? Do you want your project to be traded in the mainstream market? Do you want to survive in the long term without fear of any legal letters? Then you must adapt to these disclosure requirements, manage your token with the logic of securities, and operate your project with the mindset of a public company. The SEC does not tell you how to design a token, but it does tell you what information cannot be hidden and what structures cannot be manipulated. This checklist is your compass for compliant fundraising in the U.S. market. If you are a Web3 project party, trading platform, fund, lawyer, or auditing institution—now is the time to take this document and reassess everything you are preparing to submit to the SEC.

/ END. Authors of this article: Liu Honglin, Shao Jiadian