Type to search

The compliance oracle in the sky

Avatar photo

– an interview with Harbor CEO Josh Stein, PART 1

Although The Tokenizer focuses primarily on the European market, it is evident that the US has played an important role in the development of the still-immature tokenization and security tokens industry. A few US companies can rightly take the credit for being the first in the rapidly growing field of token issuance companies, and Harbor is one of them. That is why we are excited to launch The Tokenizer with an interview with Harbor CEO Josh Stein.

The interview falls into two parts. In this Part 1, Josh Stein talks about the latest developments in the market, the regulatory challenges of issuing crypto securities, the need for centralisation when it comes to compliance, and the – still! – critical role of blockchain technology despite this need.  To read Part 2 of the interview, please click here.

Michael Juul Rugaard (MJR): I did a count today of companies offering security token issuance services. I quickly found around 40, which is significantly more than when I checked a few months ago. So it seems as if we are witnessing nothing less than an explosion of the market right now. What is happening?

Josh Stein (JS): Good question. I think the providers are exploding. I do not think the market is exploding. You had some folks interested in security tokens early on. Harbor, Securitize and Polymath were the three real early movers. Then as the ICO market cooled and security tokens started to take off, you just had a rush of people piling in. All these ICO consultancies are now STO consultancies. And I can tell you I have been on a lot of phone calls with folks who do not know anything. They do not know anything about capital markets, or real estate, or private equity. All they did before was advise ICOs, and now they think they can offer advice on how capital markets work.

MJR: So a lot of this influx is a direct consequence of the collapse of the ICO market?

JS: Yes. I think particularly in real estate you have seen a lot coming in and copying Harbor or doing a variation of Harbor.

MJR: But what differentiates Harbor from the rest? Do you see different categories within this fast-growing group of companies?

JS: I put them into three different buckets. One bucket contains the folks who are in a pure technical platform play, and they do not have any real role in raising capital or structuring the investment. Polymath and Securitize are in that bucket. They have slightly different models, but that is essentially what they do. They are software providers, and they are not going to raise capital for you or help you structure what you are doing.

The opposite is a large group of private equity funds that are tokenized. Tokenization is not crucial to what they are doing at all, and they are not out there to tokenize issuance after issuance. You can think of them as a new Goldman Sachs plus tokens.

Harbor is in between, but we are closer to the technical platform than anything else. We do not just intermediate people raising capital from the investors. It is not like we are creating a fund, and people are buying into the Harbor fund. We are a marketplace that connecting people raising capital with investors. We are an issuance platform plus a protocol. A software platform that onboards and vets the investor, handles all the legal documents, and takes care of all the payments, similar to the other issuance platforms out there. Then we are a blockchain protocol that controls how the security token trades. We track real-world identity in real time, and if that real-world identity has not been vetted, the trade will not go through.

MJR: Obviously, you have a clear focus on compliance and the regulatory aspects of security token issuance. In your white paper about The Regulated Token (R-Token) standard, you say that the R-token enables ERC 20 tokens to become compliant across a wide range of platforms and even across jurisdictions. Can you elaborate further on that?

JS: You are right, we are very focused on compliance. But let me give you an overview of how it works, and then I can talk about the different jurisdictions. Essentially, every time a Harbor issued token goes to trade, it pings Harbor. Harbor is this all-knowing trade compliance oracle in the cloud. Harbor checks all compliance requirements. If they all check out, the trade goes through; if any of it does not check out, we throw an error, and the trade never happens, and the error message says why. You could think of the different compliance requirements as the “who,” the “what,” and the “where” of compliance.

There are KYC/AML rules around who the buyer and seller can be. There are also accredited investor requirements in the US. And in other jurisdictions, there are similar requirements. In most places, there are special rules for control persons for affiliates of the issuer. Some issuers do a custom white list or a walled garden where they only want to let a limited set of individuals trade. That is a common request that we get. For any form of private security, there are usually rules around a minimum number of investors, maximum number of investors, there may be rules on foreign ownership, there may be other sorts of rules, such as holding periods.

MJR: Could you provide a concrete example?

JS: Sure. The deal we have out right now is a tokenized real estate investment trust or a T-REIT. The great thing about real estate it that you get very advantageous tax treatment, but the rules are complicated. A REIT must always have a minimum of 100 investors; it cannot have more than 1999 per class of equity; the top five holders must own less than 50%; the non-US persons must hold less than 50%. There are some complex rules around trading. It must be accredited investors during the first year. After one year non-accredited investors can buy up to a limit of 500. All these complex rules are what the capitalisation table has to look like. If you don’t comply, then you must go public, or you blow your tax treatment, or other bad things happen.

Finally, there are rules around where you can trade. Some people want to trade the security token anywhere around the world. Other people want to trade it only on specific exchanges or OTC desks. Some people do not want it to trade on an exchange at all. They only want it trading over the counter because they do not want public price discovery. We can accommodate all those different scenarios. Every time that security token goes to trade it pings Harbor, and Harbor checks the “who,” “what,” and “where” of compliance.

MJR: How about tracking the real-world identity of participating investors?

JS: You cannot do the things you need to do unless you track the real-world identity of the investors. And our thesis is that it needs to be centralized in one place. If you allow trading in only one exchange, then the exchange can control for all these requirements. But if you allow it to trade peer-to-peer or over-the-counter, or in multiple exchanges, which most people want it to be able to do, then you need a centralised control over those compliance rules. Harbor is that centralised transfer and compliance agent. 

MJR: Are you not afraid of being so bold on centralisation in a blockchain world where everybody always talks about the beauty of decentralisation?

JS: You cannot decentralise everything! The investment itself is never decentralised. If you are investing in a company or real estate. That investment is centralised. You have to trust some third-party manager and custodian of those assets. When talking about security tokens, it cannot be completely decentralised because you are investing in an enterprise.

We believe compliance needs to be centralised, but everything else can be decentralised. The tokens we issue are ERC 20 standard tokens. They are plug and play compatible with any exchange, any wallet, any technology like dYdX, that allows you to do derivatives, or MakerDAO, which will enable you to do margin loans in a stable coin.

MJR: This degree of necessary centralisation and reliance on a trusted third-party, is that immediately understood and accepted in the crypto space?

JS: No, it is not. I get pushback sometimes from people. What is hard for people to realise is that the issuer must have a legal ability to reassign a security token, which blows people’s minds. If you and your spouse get divorced and the court says half of the shares go to your spouse, today that company will record in its books that your 100 shares is now 50 shares for you and 50 shares for your wife. You have to do the same thing with the security token.

By law, you must have the ability to reassign ownership. So, I have had some people push back and say, “Well then how do I own what I own?” The answer is you own it the same way you do today when you own shares. There is a recording in a book; it is called book-entry securities, that says that you own it. You are still subject to court order. You’re subject to the processes of the company.

People often think of security tokens as they think of Bitcoin, the two are very different. With Bitcoin, if you have a private key, and unless someone can physically grab you and coerce you to provide them access, nobody can touch that Bitcoin. But with security tokens, the company has to have the ability to change the records of ownership.

MJR: You have said that people sometimes ask you if blockchain technology is necessary at all for what you do. What is your answer?  

JS: Yes, I get the question: Why not just do a centralised database then? Why a blockchain? But we are centralising compliance because we think that it has to be centralised. That is just the way the laws work. Then we’ve decentralised everything else. And I think the real value of the blockchain in this situation is twofold.

One is that the open architecture of the blockchain means you have lots of other participants coming in. There are a lot of different things that need to be done. You need qualified custodians, you need people to trade, and you need to use exchanges and market makers. There are all these different participants, and if you try to do that all with one company in one centralised place, it’s too hard. Because the blockchain is an open architecture, it allows all these different participants to come in and provide these essential services, not just in the US, but around the world. That’s a critical part blockchain’s value.

The second part of its value comes from the secondary trades. What becomes decentralised or relatively trustless is when you go to trade your security token. You find a buyer, and you can trade directly to him. You go to an exchange, and it is through the blockchain and only the blockchain that you can trade 24/7 around the globe, practically instantaneously, with no counterparty risk. You get the benefits of the blockchain for certain aspects – the secondary trading – but there are certain aspects where it is a centralised world. Now, what do we mean with a security token? Today for private companies, they record their equity, their share ownership, in a ledger.

It used to be big red ledger notebooks, and you would write down entry after entry. Then you go to trade them, and there would be a new entry. Later we used software like Excel to track who owns what. Now we’re using that giant Excel spreadsheet in the sky that we call Ethereum, and I think sometimes we misleadingly use the word “token” because there is nothing physical there. It is just a ledger recording who owns what. It is an administrative record of ownership or title, but the asset itself is the company. The asset itself is the real estate, and we are just recording who owns how much of what.

End of part one


You Might also Like