Top

Small Business Economics

Published in:

Open Access 29-03-2021

Initial coin offerings, information disclosure, and fraud

Authors: Lars Hornuf, Theresa Kück, Armin Schwienbacher

Published in: Small Business Economics | Issue 4/2022

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Patentsearch

Off

Abstract

We study the extent of fraud in initial coin offerings (ICOs), and whether information disclosure prior to the issuance predicts fraud. We document different types of fraud, and that fraudulent ICOs are on average much larger than the sample average. Issuers who disclose their code on GitHub are more likely to be targeted by phishing and hacker activities, which suggests that there are risks related to disclosing the code. Generally, we find it extremely difficult to predict fraud with the information available at the time of issuance. This calls for the need to install a third party that certifies the quality of the issuers, such as specialized platforms, or the engagement of institutional investors and venture capital funds that can perform a due diligence and thus verify the quality of the project.

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

1 Introduction

Since the advent of Bitcoin in 2008, which until today remains the most widely used digital currency worldwide, digital currencies have gained in popularity. More recently, tokens based on different blockchains have been created to raise funds from a large crowd of people for the development of a project or firm (Adhami et al. 2018; Fisch 2019). At the same time, concerns about fraud have arisen, claiming that many of these initial coin offerings (ICOs) are scams (Liebau and Schueffel 2019). We investigate whether information provided prior to the ICO gives hints on the risk of fraud, and document the severity of the phenomenon. Understanding the extent of fraud in ICOs and its determinants is crucial if it is to become a new source of entrepreneurial finance (Ackermann et al. 2020; Block et al. 2018; Howell et al. 2020; Liebau and Schueffel 2019; Momtaz 2020a, b).

Similar to an initial public offering of corporate securities where a prospectus is published before the securities issuance, firms planning an ICO draft a white paper, which in the past was not formally approved by financial markets authorities. In this study, we collect detailed information from the white papers for a sample of 1393 ICOs that took place worldwide from September 2016 to July 2018. We have coded the white papers along various dimensions in terms of type and extent of information provided to investors. Regulators and professionals have been arguing that different indicators, so-called red flags, may hint to the fact that an ICO could be a fraud (Kaal and Dell’Erba 2019). These include, for example, whether there is a soft cap during the ICO, whether sufficient information is available on the founders, or how the funds will be spent. We construct measures for a large range of these red flags to study their predictive power. In a next step, we run a rigorous search of fraud cases that were reported in the media. A thorough search is done for every ICO in our sample.

We obtain the following results. First, we were able to classify fraudulent behavior into seven categories. Some fraud cases even fall into more than one category. Fraud can originate from corporate outsiders or the issuers itself. Most often, fraudsters deceive investors of ICOs through phishing attacks, in which case external fraudsters or the issuer itself unduly gets hold of the investments. Frequently, the issuer also simply disappears after receiving the funds, which has often been referred to as exit fraud. In total, we could identify 274 fraud cases within the 1393 ICOs studied; 188 suspected and 175 confirmed fraud cases.¹ Second, we find that whether specific information is disclosed hardly predicts whether an issuer is fraudulent or not. In other words, the information provided during the issuance is hardly useful to predict whether the venture behind the ICOs is a fraud. The information provided by the issuer may simply be wrong and unreliable in the first place, which indicates a need to externally verify the information that is voluntarily provided.

Two important factors relate to fraudulent cases. The first is the amount raised, as ICOs that eventually are found to be fraudulent raise on average almost four times more money. While the causal relation is unclear, one possible reason for this positive relation is that the incentives to engage in fraud are greater the more money is raised (Becker 1968). Corporate outsiders and insiders, such as founders, may be more tempted to engage in fraud if doing so is worthwhile. In economic terms, a one-standard deviation increase in the amount raised is associated with an increase in the fraud probability of 38%. The second factor predicting fraud is whether the code of the venture was disclosed on GitHub, a platform where startups can post their code in order for others to verify the lack of errors. Disclosing the code on GitHub is generally viewed as a sign of trustworthiness and transparency and thus helpful to raise more money (Dabbish et al. 2012; Amsden and Schweizer 2019; Howell et al. 2020). However, we document that such disclosure increases the likelihood of phishing by corporate outsiders by 7%, thereby also generating risks for investors and the startup. This finding is new to the literature and important for the tech community. In particular, it reveals a “dark side” of code disclosure on GitHub, while prior studies have focused mostly on the “bright side” by showing that disclosure helps in raising more money.

These findings contribute to those of other studies (Fisch and Momtaz 2020; Momtaz 2020a), highlighting the important role of institutional investors and other institutions (e.g., investor associations, industry codes of conduct, certifying institutions, funding platforms) in verifying endogenous signals by the issuer. The existence of these institutions could not only reduce moral hazard by the issuer but also mitigate internal fraud. Momtaz (2020a) evidences significant moral hazard problems in ICO-funded firms, whereas Fisch and Momtaz (2020) document that the participation of institutional investors leads to higher post-ICO performance. Although neither study explicitly investigates fraud, moral hazard and performance differentials may be related to deception as well.

While our analysis contributes mainly to understanding the extent of fraud in ICOs, in a broader context, it also shows how markets evolve if no specific regulation is in place or entrepreneurs at least believe that no regulation exists. Given that traditional stock markets are now regulated all over the world, the phenomenon of ICOs allows for the study of firm behavior that is comparable to the situation before the implementation of regulations such as the Securities Act of 1933 and the Exchange Act of 1934. Other studies have examined specific forms of fraud, such as pump-and-dump schemes (Hamrick et al. 2020; Li et al. 2019) and Ponzi schemes on Ethereum (Bartoletti et al. 2020). Hamrick et al. (2020) construct different measures of fraud signals on two social media channels (Discord and Telegram) and conclude that those initiating these schemes may earn profits. Li et al. (2019) provide evidence that pump-and-dump schemes eventually reduce liquidity and the price of cryptocurrencies. The results of these articles are specific to pump-and-dump schemes, and other forms of fraud are unlikely to work through the same channels. Bartoletti et al. (2020) examine the extent and impact of Ponzi schemes on Ethereum by analyzing smart contracts on Ponzi-typical patterns. They identify 12% of smart contracts as Ponzi schemes, but these affect only a small number of the transactions on Ethereum (0.08%). In this article, we extend the set of fraud analyzed. Moreover, while previous work examines the trading impact of fraud, we explore the determinants of fraud initiated by either the issuing firm or outsiders. Liebau and Schueffel (2019) offer early evidence that fraud (or “scam”) occurs much less often in ICOs than often claimed. However, they neither uncover the drivers of fraud nor differentiate between different types of fraud. Other articles studying fraud in ICOs scrutinize the regulatory framework but are mostly conceptual (e.g., Chohan 2019).

The remainder of the article is structured as follows. First, we provide examples of common types of fraud in the ICO market and outline our hypothesis (Section 2). Second, we present our data and results (Sections 3 and 4). Finally, we discuss our findings and provide policy conclusions (Section 5).

2 Forms of fraud in ICOs and hypothesis

Digitalization has brought new forms of finance for startups (Block et al. 2018). Crowdfunding was probably the first form in this development. The first platforms have emerged in 2008 and the industry has professionalized, with significant growth rates every year since then². However, new technologies have brought the digitalization a step further, including the invention of the blockchain, which enables new forms of contracting and issuance of tokens and securities. Recently, startups have started using the blockchain to raise money in the form of an ICO (Block et al. 2020).

An ICO can be chosen for different reasons. The simplest form of an ICO is done by a newly created startup in need for initial funding to develop a product or service. In an ICO, the owners launch a crowdfunding campaign to raise money in exchange for tokens. These tokens can be used by backers to consume a product or service, which the startup plans to develop in the future. For example, the token can become a means of exchange for services provided on the platform that is supposed to be created. In this case, the tokens created are often referred to as utility tokens. Unlike in the traditional crowdfunding model that takes place on platforms like Kickstarter and where the creators describe their project in a pitch on the website, in an ICO, the founders outline their project in a white paper. White papers have no standardized format and describe the product or service to be developed and how the ICO is going to take place. While the funds the startup uses are published publicly on the blockchain, there is no auditing of the project spending based on the funds that have been raised after the ICO is completed.

While this business model largely resembles reward-based crowdfunding, there are also many differences. The tokens will be created through an ICO so that the crowd can buy more tokens than what they need for consumption purposes, because the excess tokens can be resold on the secondary market. Moreover, the fact that the tokens are traded later makes them a tradable asset, more in line with a security. Indeed, because trading takes place on exchanges before the platform goes online, investors may also participate in the ICO by buying tokens with the intention of selling them shortly after on an exchange to make profits. In some cases, tokens are not created as means of payments for services provided on the platform, but the sole purpose of the token is to participate in the future profits of the startup. In this case, the tokens created are referred to as securities or investment tokens.

The value of the tokens is thus related to the chances of project success. If the project cannot be developed, the tokens essentially become worthless. By contrast, the value of the token appreciates when the project becomes successful so that early backers financially benefit. Most often, startups use Ethereum as the blockchain of choice as this was one of the first blockchains that support complex and autonomous self-executing contracts.

2.1 Forms of fraud in ICOs

2.1.1 Exit fraud

In many cases, ICO issuers’ intention is not to build up a business and list it on an exchange but to quickly disappear with the collected money. This type of fraud, which is often referred to as exit fraud, is often combined with a fake team, in which fictitious people are presented as team members of the ICO. The fraudsters of the ICO Benebit, for example, used photos of employees of a school in the UK to represent a team.³ This, however, became public after the fraudsters had already raised $2.7 million USD through the ICO. Before the ICO started, the issuers tried to appear as legal and reliable as possible. For example, they were active on social media and on Twitter for more than a year before the ICO began. In addition, they spent around $500,000 USD for marketing purposes and were highly rated by ICO review websites. As soon as they were detected as fraudsters, however, the Benebit website disappeared, and the social media accounts were deleted.⁴

2.1.2 Securities fraud

From a legal perspective, offering securities that are not registered is illegal. Thus, the question is whether the token created constitutes a security. In the USA, whether a transaction involves a security is determined by means of the Howey test, which was developed in the seminal SEC v. W. J. Howey Co. court judgement. According to the test, a security is involved in a transaction if someone (1) invests his money in (2) a common enterprise and is led to (3) expect profits (4) solely from the efforts of the promoter or a third party. According to Alberts and Fry (2015), cryptocurrencies are generally not securities because they are lacking two important criteria outlined in the Howey test. First, cryptocurrencies such as Bitcoin are not investments in a common enterprise, as they can be used to make any form of payment. Second, the purchasers cannot expect profits from the purchase based on the efforts of the seller of the cryptocurrency. Nevertheless, in SEC v. Shavers the SEC has applied securities regulation to investment funds that have invested in Bitcoin companies.⁵

Furthermore, after the SEC published the DAO Report in July 2017, the regulator sued several companies for securities offering by means of unregistered digital tokens. One recent case is the offering of Kin Token by the Canadian company Kik Interactive Inc. Kik is running a messaging application named Kik Messenger but due to a decreasing number of app-users and low revenues, the company faced liquidity problems in late 2016. To recover from this financial distress, the company created the Kin Token and started an ICO in May 2017. In the published white paper, the founder of the company stated to develop the “Kin Ecosystem,” in which the token holder can use Kin to purchase goods and services. Moreover, the value of the token would increase due to a limited number of tokens. The company raised funds of approximately $100 million USD from more than 10,000 investors, of which more than half were US investors.⁶ In June 2019, the SEC concluded that the token offering by Kik fulfils the four criteria of the Howey test: “Investor’s purchases of Kin were an investment of money (1), in a common enterprise (2), with an expectation of profits for both Kik and the offerees (3), derived primarily from the future efforts of Kik and others to build the Kin Ecosystem and drive demand for Kin (4). Consequently, Kik’s offers and sale of Kin in 2017 was an offer and sale of securities.”⁷ For this reason, the SEC sued Kik Interactive Inc. for unregistered security offering in the federal court of Manhattan, NY.⁸

2.1.3 Ponzi scheme

Another example of fraudulent activities in the ICO market is the crypto-lending platform Bitconnect with its token BCC. The England-based company successfully ran an ICO in December 2016, performed as one of the best cryptocurrencies on coinmarketcap.com in 2017, and, according to Bitconnect, it represented a market value of $4.1 billion USD.⁹ Bitconnect’s business model was based on the following scheme. After investors deposited their Bitcoin into the Bitconnect BCC exchange platform and purchased its digital token BCC, the investors could use the token for two programs: First, investors can lend their token back to Bitconnect as part of its “Bitconnect Lending Program.” Bitconnect pretended to reinvest this token and promised a monthly return of up to 40%. Second, Bitconnect guaranteed a monthly return of up to 10%, if the investor holds the token for more than fifteen days in his or her BitConnectQT-wallet (“Bitconnect Staking Program”). In January 2018, the Texas State Securities Board and the North Carolina Securities Division aimed to shut down Bitconnect’s business with cease-and-desist letters due to an unregistered security offering of BCC. In addition, through the guaranteed investment returns, the regulators stated that Bitconnect’s business model resembles a Ponzi scheme. In February 2019, also the FBI started investigating against Bitconnect.¹⁰

2.1.4 Pump and dump, phishing, and hacking

Fraud in the ICO market does not necessarily emanate from the company running the ICO, something we call external fraud in our analysis. Another fraud category is pump-and-dump schemes, which have been investigated in the context of ICOs by Hamrick et al. (2020) and Li et al. (2019). In a pump-and-dump scheme, a fraudster artificially inflates the price of a token through false information, in order to sell the token that was initially cheaply bought at a higher price.

Moreover, numerous examples show that fraudsters are active in sending phishing mails, faking social media accounts, or hacking into companies’ IT systems. This, for example, was the case with the Israel-based ICO crypto portfolio management platform named CoinDash. As soon as the public ICO-phase started in July 2017, a malicious attacker changed the official wallet address on the CoinDash’s website. Thus, investors sent their money to the false address until CoinDash shut down the website and, according to CoinDash’s blog, the hackers captured 43,000 ETH within seven minutes.¹¹ In September 2017 and February 2018, CoinDash announced that the hackers sent back 10,000 ETH and 20,000 ETH, respectively. In a similar way, fraudsters could steal around $1 million USD from potential investors of the ICO The Bee Token. While the ICO was running, investors who fell victim to phishing mails sent their money to false wallet addresses.¹² The company confirmed the phishing attack and suspected that the attackers were able to gain personal information in form of e-mail addresses, first names, and surnames through illegal access to a third-party vendor.¹³

Another way attackers can harm the ICO issuer and its investors is by exploiting bugs in smart contracts. Studies in the field of computer science show that smart contracts contain various vulnerabilities (Luu et al. 2016; Kalra et al. 2018. Nikolić et al. 2018). According to the cybersecurity agency Hosho (now Zokyo), every fourth smart contract is vulnerable to attacks.¹⁴ This was also the case with the DAO that was attacked after its ICO. The DAO resembled a venture capital fund that no longer relied on hired investment managers or a board of directors but rather on autonomous self-executing contracts. While investors of traditional investment funds typically face an agency problem, in which fund managers potentially act in their personal interest and not in the investors’ best interest, the DAO intended to solve this problem by leaving the decision-making process of the venture capital fund to computer algorithms and the owners. Owners maintain a pro rata voting right in line with their token share in the organization. Investors had a right to withdraw their initial Ether investment until they executed their voting right in the venture capital fund for the first time. Therefore, the smart contract contained a so-called split function, which enables investors to withdraw their initial investment if they disagree with the way the DAO uses their funds (Mehar et al. 2019).

In June 2016, a GitHub user identified a bug and informed the developers of the DAO that this split function made the smart contract vulnerable to attacks. Before the developers could resolve the issue, a hacker diverted around 3.6 million Ether worth approximately 50 million USD away (Mense and Flatscher 2018). In the end, the problem was fixed by what is called a hard fork, and the funds were returned to the investors of the DAO. This type of bug in a smart contract also led to a hacker attack during the ICO of SpankChain, a payment platform in the adult entertainment industry. The smart contract of the payment channel contained a bug similar to the DAO bug and was exploited in October 2018. The hacker stole 165.38 Ether, which were worth approximately 38,000 USD at the time of the incident.¹⁵ Two days later, SpankChain announced that the hacker returned the stolen funds and was rewarded with 5000 USD.¹⁶

2.1.5 Other fraud

Besides these frequent and well-documented forms of fraud, there have already been numerous other ways in which investors have been cheated by ICO companies or corporate outsiders. Some ICOs falsely claim to have partnerships with well-known companies such as Boeing, PayPal, or Walt Disney, which was the case, for example, with the ICO Titanium Blockchain.¹⁷ DeClouds was another ICO that tried to establish a decentralized trading platform of precious metals such as platinum, gold, silver, and palladium. According to the white paper of the ICO, the advantage of DeClouds is that it enables investors to trade precious metals on a peer-to-peer basis on an alternative stock market and to earn returns from the appreciation of precious metals. According to DeClouds, the German DAB bank supposedly supported the startup with a 5 million EUR investment. As it turned out, the cooperation was a scam, and the founders disappeared with the money they had collected.¹⁸

2.2 Information disclosure on GitHub and effects on fraud

For traditional capital markets, finance scholars have theoretically and empirically shown that information disclosure is beneficial to investors (Leuz et al. 2008). According to prior studies, low information asymmetries reduce the cost of capital for companies and make capital allocation more efficient (Merton 1987; Diamond and Verrecchia 1991; Healy and Palepu 2001). In line with these findings, research has documented that disclosing the ICO token code on GitHub improves issuers’ fundraising abilities (Dabbish et al. 2012; Amsden and Schweizer 2019; Howell et al. 2020), because experts can cost-efficiently review the code. This third-party review ensures the quality of the code to expert and non-expert investors. Disclosure and scrutiny on GitHub may thus certify that the code does not include bugs, as in the case of the DAO and SpankChain.

While prior research has mostly focused on the positive side of disclosure on GitHub, negative consequences may also occur. De Andrés et al. (2019) note that the “level of transparency also comes at a cost as, in this case, it can increase the number of hacking attacks because hackers also have access to the smart contract code and are therefore able to identify any bugs or vulnerabilities more easily.” Indeed, an unintended consequence of disclosure on GitHub may be that some knowledgeable experts exploit instead of report bugs to the community, leading to increased external fraud such as hacker and phishing attacks either during or after the ICO campaign.

This two-sided view of disclosure is not unique to ICOs. On the one hand, disclosure information on the company reduces the need for investors to collect the information on their own (Diamond 1985), which is more efficient than having each investor bear the costs of information gathering. Disclosure can consequently increase liquidity of shares or tokens later on in the exchange as a result of a reduction in information. On the other hand, Hellmann and Perotti (2011) and Cooter and Edlin (2014) show that entrepreneurs who reveal their business ideas suffer from appropriation risk. If the token code contains the business model in a detailed manner (more detailed than the white paper), issuers might suffer from transparency and a higher likelihood of hacker and phishing attacks. In summary, we expect the disclosure of the token codes on GitHub to reduce internal fraud but increase external fraud.

3 Data collection

3.1 Methodology for data collection

Our sample consists of 1393 ICOs, which are listed on Icobench.com and Icorating.com, and ended their fundraising campaign before July 1, 2018. The first ICO in our sample started in September 2016. Both websites belong to the largest ICO listing websites worldwide. These websites provide information on the ICOs, such as financial details, team information, links to social media channels, and ICO characteristics like pre-ICO phase, token ticker, or location of the ICO issuer (Huang et al. 2020).

Identifying fraud cases with certainty is not possible, because of the short time since the ICOs took place and the rare incidence of final judicial decisions. Also, the public often uses the term “scam” for simply referring to the fact that many projects are bad. However, the mere fact that a project has bad business prospects does not make it a scam. Fraud assumes some form of intent to deceive investors by either the issuer or some outsiders. This is particularly difficult to prove, so our focus is on suspected and confirmed fraud. Suspected fraud refers to media coverage about fraudulent campaigns on high-quality print or online media. Reports about a bad business model or simply claiming that the founders are fraudsters are not enough to classify the ICO as suspected fraud. Confirmed fraud refers to cases where a trustworthy source like the SEC, another governmental agency, or the ICO issuer itself has confirmed that the fraud took place. We also considered exit fraud as confirmed when the communication with the issuer stopped two weeks after the end of the funding period and was not initiated again. Confirmed exit fraud was also often associated with a disappearance of the website of the issuer.

Because we focus on fraud, our sample will inevitably be smaller than a sample of projects with bad business prospects. Different methods have been proposed to identify fraud. For example, an article in the Wall Street Journal suggested looking at plagiarism in the white paper text, leading to 271 red-flagged cases out of a sample of 1450 ICOs.¹⁹ However, such an approach will necessarily lead to many falsely identified fraud cases, because honest issuers could copy the content of white papers to save in legal and administrative costs, a behavior often observed in the fintech domain (Dorfleitner et al. 2020). Through the increasing standardization of white paper formats, there is further an increasing use of templates, which leads to plagiarism for other reasons than the type of fraud we are examining here. Our method is therefore more conservative to ensure reliability in the cases we classify as fraud, at the expense of possibly missing some fraudulent issuers out.

To identify ICO fraud cases, we rely on the method that was developed by Cumming et al. (2020a) for crowdfunding. From October 2018 to January 2019, we ran an extensive search on Google and searched for the following three terms: (1) name of the ICO, (2) “ICO,” and (3) “fraud” or different synonyms for fraud: “scam,” “phishing,” “pump and dump” and “ponzi." Using this method, we could identify 274 fraud cases, 188 suspected and 175 confirmed fraud cases. Some ICOs were classified as suspected and confirmed fraud, because multiple fraud types were involved out of the seven categories described in Section 2.1. To ensure that our coding system is reliable and coherent, detailed explanations were provided for each fraud category and when to classify a scam as suspected or confirmed (see Appendix Table 9). In particular, we had a second researcher, who was not involved in the project, code all fraud categories independently. Finally, in case our coding was not consistent with the second researcher, we discussed the coding and, in four cases, needed to reclassify the respective fraud category.²⁰

3.2 Summary statistics on fraud cases

Table 1 summarizes our findings in terms of number of fraud cases identified, by fraud type. The most common fraud category is phishing attacks. The bulk of phishing attacks were formally confirmed by the founders, after they detected them, feared that their funds get stolen, and consequently warned their investors. The next most common fraud type is exit fraud, for which 25 could be confirmed and 21 were suspected. For all other categories, suspected fraud cases are more common than confirmed fraud cases. In case of securities fraud, the ICO issue was sometimes accompanied by one of the other fraud types. So far, we were able to identify 13 suspected security fraud cases, but only 3 confirmed one. Furthermore, we were able to identify one confirmed pump-and-dump scheme, with 31 suspected cases. Overall, 27 ICOs were related to a Ponzi scheme.

Table 1

Distribution of fraud cases identified (N = 1393). Multiple fraud types are possible for an ICO

Fraud type	No. of suspected cases	No. of confirmed cases
Exit fraud	21	25
Security fraud	13	3
Ponzi scheme	27	0
Pump and dump	31	1
Phishing/hacking	28	128
Other types	68	18
Total	188	175
Percentage of sample	13.5%	12.6%

An ICO can be classified as more than one type of fraud. For example, an ICO can be classified as security fraud and, at the same time, as a Ponzi scheme. Moreover, one type of fraud can be detected and another suspected. In our sample, 198 ICOs are associated with one type of fraud, 69 with two types of fraud, and the rest with three.

Finally, we find that internal fraud declines over time, while there is no clear pattern for external fraud.²¹ However, these findings need to be taken with caution given the small sample size for the year 2016 and the potential lack of fraud identification for more recent ICOs.

3.3 Summary statistics on ICOs

All variables are defined in Table 2. Table 3 presents summary statistics for our sample. In terms of general sample characteristics, 88.7% of the ICO have used the Ethereum blockchain. On average, 57.1% of the token are offered during the ICO, and only 44.1% do a pre-sale prior to the funding period. Founder information, such as the number of founders involved in the project is included in 94.1% of the white papers (Team info available). This percentage is slightly lower for fraudulent cases, as expected. Finally, information on how much was ultimately raised (Amount raised) could be retrieved in 61% of the cases only, despite extensive and systematic search efforts.

Table 2

Definition of variables

Variable	Definition
Dependent variables
Suspected fraud	Dummy variable that equals 1 if the ICO is a suspected but not confirmed fraud case, and 0 otherwise.
Confirmed fraud	Dummy variable that equals 1 if the ICO was confirmed by the issuer or an independent regulator or the communication of the issuer stopped two weeks after the end of the funding period confirmed fraud case, and 0 otherwise.
Internal fraud	Dummy variable that equals 1 if the ICO was initiated by the issuer, and 0 otherwise; we consider as internal fraud: exit fraud, security fraud, Ponzi scheme, and those classified as other type of fraud.
External fraud	Dummy variable that equals 1 if the ICO was initiated by an outsider to the issuing firm, and 0 otherwise; we consider as external fraud: a pump and dump, phishing, or hacking.
Fraud	Dummy variable that equals 1 if the ICO is a suspected or confirmed fraud, and 0 otherwise.
ICO characteristics
Offshore country	Dummy variable that equals 1 if the ICO is located in an offshore country according to the FSF–IMF 2000 list, and 0 otherwise. Source: Offshore Financial Centers - Background Paper (2000).
Company age	Number of days between the date of Twitter registration and start of the funding period.
Funding period	Number of days the ICO lasted. Source: Icobench.com and/or Icorating.com
Pre-Sale	Dummy variable that equals 1 if the ICO had a pre-ICO, and 0 otherwise. Source: Icobench.com and/or Icorating.com
Whitelist	Dummy variable that equals 1 if the ICO has a whitelist where potential investors could pre-register, and 0 otherwise. Source: Icobench.com and/or Icorating.com
KYC	Dummy variable that equals 1 if the ICO had a KYC process, and 0 otherwise. Source: Icobench.com and/or Icorating.com
Investor limitations	Dummy variable that equals 1 if the ICO is restricted to investors from certain countries, and 0 otherwise. Source: Icobench.com and/or Icorating.com
ETH platform	Dummy variable that equals 1 if the token of the ICO is created on the Ethereum blockchain, and 0 otherwise. Source: Icobench.com and/or Icorating.com
GitHub	Dummy variable that equals 1 if the issuer provided code content in the repository section of GitHub, and 0 otherwise. Source: GitHub
Team characteristics
Team info available	Dummy variable that equals 1 if a team was listed on Icobench.com and/or Icorating.com, and 0 otherwise. Source: Icobench.com and/or Icorating.com
Team size	Number of team members. Source: Icobench.com and/or Icorating.com
Adviser	Dummy variable that equals 1 if advisers are listed on Icobench.com and/or Icorating.com, and 0 otherwise. Source: Icobench.com and/or Icorating.com
Involved in another project	Dummy variable that equals 1 if at least one team member is involved in another ICO in our sample, and 0 otherwise. Source: Icobench.com and/or Icorating.com
Financial details
ICO price	Token price during the ICO in US-dollar. Source: Icobench.com and/or Icorating.com
Token distributed	Percentage of tokens available for sale during the ICO. Source: Icobench.com and/or Icorating.com
Soft cap	Dummy variable that equals 1 if the ICO has minimum funding goal, and 0 otherwise. Source: Icobench.com and/or Icorating.com
Hard cap	Dummy variable that equals 1 if the ICO has a maximum funding target, and 0 otherwise. Source: Icobench.com and/or Icorating.com
Hard cap in million USD	Amount of the maximum funding target in million USD. Source: Icobench.com and/or Icorating.com
Bonus	Dummy variable that equals 1 if the ICO offers a discount for early investors, and 0 otherwise. Source: Icobench.com and/or Icorating.com
Minimum investment	Dummy variable that equals 1 if the ICO requires a minimum investment, and 0 otherwise. Source: Icobench.com and/or Icorating.com
Accepting fiat	Dummy variable that equals 1 if the ICO accepted fiat currency, and 0 otherwise. Source: Icobench.com and/or Icorating.com
Nbr Accepting	The number of different cryptocurrencies the issuer accepted during the funding period. Source: Icobench.com and/or Icorating.com
Social media activity
Nbr social media	Number of social media accounts on Twitter, Facebook, Reddit, Telegram, Slack, Medium, and Bitcointalk.
Twitter account	Dummy variable that equals 1 if the ICO was registered on Twitter, and 0 otherwise. Source: Twitter
Facebook	Dummy variable that equals 1 if the ICO was registered on Facebook, and 0 otherwise. Source: Facebook
Reddit	Dummy variable that equals 1 if the ICO was registered on Reddit, and 0 otherwise. Source: Reddit
Telegram	Dummy variable that equals 1 if the ICO was registered on Telegram, and 0 otherwise. Source: Telegram
Slack	Dummy variable that equals 1 if the ICO was registered on Slack, and 0 otherwise. Source: Slack
Medium	Dummy variable that equals 1 if the ICO was registered on Medium, and 0 otherwise. Source: Medium
Bitcointalk	Dummy variable that equals 1 if the ICO was registered on Bitcointalk, and 0 otherwise. Source: Bitcointalk
Tweets	Number of tweets on Twitter. Source: Twitter
Twitter followers	Number of followers on Twitter. Source: Twitter
Information disclosure
Token distribution	Dummy variable that equals 1 if the ICO issuer disclosed how tokens are distributed among different stakeholders, and 0 otherwise. Source: Icorating.com
Info on use of funds available	Dummy variable that equals 1 if the ICO issuer disclosed information about the planned use of funds, and 0 otherwise. Source: Icorating.com
Video pitch	Dummy variable that equals 1 if the ICO disclosed a video pitch on Icobench.com, and 0 otherwise. Source: Icobench.com

Table 3

Summary statistics on main variables. The subsample of fraud cases includes both suspected and confirmed cases

							Subsample of fraud cases (N = 274)		Subsample of non-fraud cases (N = 1119)		Diff. mean test
Variable	No. obs.	Mean	Median	Std. dev.	Min	Max	Mean	Std. dev.	Mean	Std. dev.	Diff.	p-value
Fraud
Suspected fraud	1393	0.109	0	0.312	0	1	0.555	0.498	- -	- -	- -	- -
Confirmed fraud	1393	0.113	0	0.316	0	1	0.573	0.496	- -	- -	- -	- -
Fraud	1393	0.197	0	0.398	0	1	- -	- -	- -	- -	- -	- -
Internal fraud	1393	0.105	0	0.306	0	1	0.533	0.500	- -	- -	- -	- -
External fraud	1393	0.119	0	0.324	0	1	0.606	0.490	- -	- -	- -	- -
ICO characteristics
Amount raised in million USD	845	18.762	6.316	146.095	0	4198	41.443	287.899	11.070	18.341	30.373	0.081
Offshore country	1393	0.313	0	0.464	0	1	0.314	0.465	0.313	0.464	0.001	0.972
Company age	1178	297.310	112	531.660	0	3748	336.970	570.030	287.640	521.740	49.330	0.192
Duration of ICO	1383	40.459	31	31.764	0	382	35.766	40.119	41.598	29.291	−5.832	0.024
Pre-sale	1392	0.441	0	0.497	0	1	0.339	0.474	0.466	0.499	−0.127	0.000
Whitelist	1393	0.183	0	0.387	0	1	0.113	0.317	0.200	0.400	−0.087	0.000
KYC	1393	0.610	1	0.488	0	1	0.700	0.459	0.588	0.492	0.112	0.000
Investor limitations	1393	0.220	0	0.414	0	1	0.124	0.330	0.243	0.429	−0.119	0.000
ETH platform	1393	0.887	1	0.316	0	1	0.880	0.326	0.889	0.314	−0.010	0.657
GitHub	1393	0.461	0	0.499	0	1	0.511	0.501	0.449	0.498	0.062	0.064
Team characteristics
Team info available	1393	0.941	1	0.235	0	1	0.912	0.283	0.948	0.222	−0.036	0.052
Team size	1282	7.828	7	6.146	1	52	8.291	6.047	7.718	6.166	0.573	0.161
Adviser	1311	0.568	1	0.496	0	1	0.540	0.499	0.574	0.495	−0.034	0.312
Involved in another project	1393	0.553	1	0.497	0	1	0.609	0.489	0.540	0.499	0.070	0.035
Financial details
ICO price	1357	10.627	0.25	221.750	0	7555	12.222	183.550	10.237	230.200	1.985	0.879
Token distributed	934	0.571	0.6	0.202	0	1	0.572	0.211	0.571	0.200	0.001	0.964
Soft cap	1393	0.414	0	0.493	0	1	0.285	0.452	0.446	0.497	−0.161	0.000
Hard cap	1393	0.668	1	0.471	0	1	0.606	0.490	0.683	0.466	−0.077	0.019
Hard cap in million USD	929	51.541	20	342.090	0	9734	65.920	270.084	48.412	355.906	17.508	0.369
Bonus	1393	0.470	0	0.499	0	1	0.343	0.476	0.501	0.500	−0.158	0.000
Minimum investment	1393	0.276	0	0.447	0	1	0.201	0.401	0.295	0.456	−0.094	0.001
Accepting fiat	1203	0.128	0	0.334	0	1	0.134	0.341	0.127	0.333	0.007	0.764
Nbr accepting crypto	1203	2.032	1	1.586	1	13	1.926	1.215	2.056	1.656	−0.130	0.144
Information disclosure
Token distribution	1393	0.817	1	0.387	0	1	0.796	0.404	0.822	0.383	−0.027	0.325
Info on use of funds available	1393	0.421	0	0.494	0	1	0.285	0.452	0.454	0.490	−0.169	0.000
Video pitch	1379	0.719	1	0.450	0	1	0.757	0.429	0.709	0.454	0.048	0.100
Social media activity
Nbr social media	1393	5.127	5	1.793	0	8	5.197	1.823	5.109	1.786	0.088	0.472
Twitter account	1393	0.852	1	0.355	0	1	0.858	0.350	0.851	0.356	0.007	0.770
Facebook	1393	0.869	1	0.337	0	1	0.861	0.346	0.871	0.335	−0.010	0.666
Reddit	1393	0.550	1	0.498	0	1	0.588	0.493	0.541	0.499	0.047	0.159
Telegram	1393	0.756	1	0.430	0	1	0.635	0.482	0.786	0.411	−0.150	0.000
Slack	1393	0.267	0	0.443	0	1	0.394	0.490	0.236	0.425	0.158	0.000
Medium	1393	0.632	1	0.483	0	1	0.628	0.484	0.633	0.482	−0.005	0.879
Bitcointalk	1393	0.740	1	0.439	0	1	0.723	0.449	0.744	0.436	−0.022	0.469
Tweets	1173	637.763	241	1605.393	1	30,100	839.799	1316.597	588.219	1665.474	251.580	0.007
Twitter followers	1171	9506.470	2896	33,713.340	1	894,000	25,411.400	69,239.300	5597.919	12,822.020	19,813.483	0.000

There is great variation in the amount raised between the ICOs in the sample, with an average of 18.8 million USD and a median of 6.3 million USD. With 41.4 million USD, the average amount is, however, significantly higher for fraudulent cases, which are the ICOs where the benefits from fraud are also highest. One further possible reason for this difference is that ICOs that have been identified as being fraudulent during the first days of the issuance will be stopped early on and thus not included in our sample. All our fraudulent cases are those that have been identified as such after the ICO was over.

While overall fraudulent ICOs tend to have disclosed less information, the differences in disclosure are not statistically significant in a multivariate setting as we will show below. Differences may appear in the quality of the information, something which however is more difficult to assess for non-professional investors. An important difference here concerns information disclosure on how the funds are going to be used, which is only provided in 28.5% of the fraudulent cases as opposed to 45.4% for non-fraudulent cases. However, as will be shown below, it hardly helps predict fraud. There are also no meaningful differences in terms of number of social media used. In terms of financial details included in the offering, one important difference is the presence of a soft cap, which is less common in the fraudulent cases (28.5% vs. 44.6%).

Fraudulent ICOs show important differences as compared to the remaining ICOs that were not identified as fraudulent. ICOs that are fraudulent are by far larger in terms of funds raised. While some of this difference may be because fraud is less likely to occur when the amount collected is particularly small, because the gains from a fraud is limited, we still observe a large difference when considering only ICOs that raised at least 15 million USD. We confirm the positive relationship between the amount raised during the ICO and fraud in a multivariate regression setting (see Table 4). One explanation for the finding that funds raised are positively correlated with fraud is that in the absence of institutions that verify and identify information, honest entrepreneurs may have a competitive disadvantage raising funds in the ICO market (Momtaz 2020a). However, Fisch and Momtaz’s (2020) empirical evidence shows that the participation of institutional investors has a positive effect on funds raised and is also correlated with a positive post-ICO performance, which could be indicative of a lower likelihood of internal fraud (e.g., exit fraud).

Table 4

Determinants of fraud cases

	(1)	(2)	(3)	(4)	(5)	(6)
	Confirmed fraud	Suspected fraud	Fraud	Confirmed fraud	Suspected fraud	Fraud
Offshore country	−0.0015	0.0064	0.0119	−0.0040	0.0336	0.0223
Company age	0.0000	−0.0000	−0.0000	−0.0000	0.0000	−0.0000
Duration of ICO	−0.0002	−0.0001	−0.0000	−0.0004	0.0005	0.0003
Pre-sale	−0.0256	−0.0155	−0.0324	−0.0038	0.0210	0.0088
Whitelist	−0.0386	0.0214	−0.0112	−0.0169	0.0293	0.0247
KYC	0.0279	−0.0004	0.0222	0.0372	0.0082	0.0341
Investor limitations	−0.0263	−0.0437	−0.0656*	−0.0187	−0.0487	−0.0734
GitHub	0.0612***	0.0165	0.0655***	0.0613**	−0.0019	0.0738**
Adviser	−0.0192	0.0150	−0.0014	−0.0595*	0.0276	−0.0241
Involved in another project	0.0251	0.0177	0.0308	0.0371	−0.0143	0.0216
Soft cap	−0.0491**	−0.0414**	−0.0782***	−0.0476	−0.0320	−0.0754*
Hard cap	0.0422*	−0.0121	0.0254	0.0068	−0.0018	−0.0103
Bonus	0.0114	−0.0335	−0.0108	0.0159	−0.0321	−0.0106
Minimum investment	−0.0496**	0.0128	−0.0314	−0.0492	0.0002	−0.0419
Accepting fiat	0.0296	0.0285	0.0334	0.0502	−0.0227	0.0373
Nbr accepting crypto	−0.0103	−0.0069	−0.0095	−0.0054	−0.0132	−0.0108
Info on use of funds available	−0.0024	−0.0460**	−0.0339	−0.0137	−0.0288	−0.0256
Video pitch	0.0223	0.0438*	0.0552*	−0.0741*	−0.0213	−0.0836*
Amount raised				0.0010*	0.0008**	0.0026***
Token distributed				0.0030	0.0591	0.0783
Observations	967	967	967	451	451	451
Pseudo R-squared	0.060	0.064	0.054	0.084	0.081	0.087
AIC	664.757	591.999	892.243	353.471	288.289	446.579

This table shows Probit regressions, where the dependent variable is a dummy equal to 1 when the ICO is classified as a fraud case, and 0 otherwise. We consider three different measures of fraud: Confirmed Fraud, Suspected Fraud, and Fraud (which equals 1 if Confirmed Fraud or Suspected Fraud equals 1). Coefficients reported are marginal effects. Robust standard errors are used for testing the significance of coefficients. Significance levels: *p<0.10; **p<0.05; ***p<0.01

There may be differences in the quality of information that was not captured in our study and that require—similar to venture capital investments—a good understanding about the ICO process and a due diligence of risky projects by investors. For example, the case of DeClouds has shown that posting a photo with German DAB bank with the intention to certify the quality of the ICO is not sufficient for the issuer to provide a credible quality signal, because the signal itself must be verified and non-fraudulent (Momtaz 2020a). Especially retail investors may refrain from collecting more information due to the cost of verifying these signals relative to the small size of their investments.

4 Results

We now turn to assessing whether the differences between fraudulent and non-fraudulent ICOs identified in the univariate analysis also hold in the multivariate setting. To this end, we run Probit regressions with three different dependent variables: Confirmed Fraud, Suspected Fraud, and Fraud. The latter equals 1 if an ICO is either a suspected or confirmed fraud, and thus combines both subcategories in one variable. We run the analyses on all three variables to assess the robustness of our findings. While we expect many suspected fraud cases to eventually be confirmed,²² examining them separately (the variable Suspected Fraud) and together with other cases (through to combined variable Fraud) is worthwhile. Table 4 presents the results. We include a large set of possible explanatory factors, while ensuring limited multicollinearity among our explanatory variables. Many of the explanatory variables in our analysis are similar to those in other studies examining the determinants of funding success (e.g., Adhami et al. 2018; Fisch 2019; Huang et al. 2020). Models (1)–(3) use the largest possible sample. In models (4)–(6), we further include Amount raised and Token distributed as additional factors. In particular, adding the variable Amount raised is useful given that we found in the univariate setting that fraudulent ICOs raised almost four times more than non-fraudulent ones. These additions, however, reduce our sample to about half.

Most factors are not significant, hinting to the fact that predicting fraud is very difficult.²³ The presence of a soft cap reduces the risk of fraud; however, this significant result disappears when controlling for the amount raised. One reason why a soft cap could reduce fraud is because a larger soft cap requires a large participation by investors, similar to the all-or-nothing effect in crowdfunding (Cumming et al. 2020b). If not enough investors find the issuance sufficiently trustworthy and valuable, it will fail. Therefore, entrepreneurs who plan to engage in fraud are less inclined to define a soft cap, because they bear the risk of not raising any money at all.

One factor that consistently leads to higher fraud is when the startup has disclosed its code on GitHub. This result is at first sight surprising, given that disclosing the code is typically viewed as a sign of trustworthiness and transparency (Dabbish et al. 2012; Amsden and Schweizer 2019; Howell et al. 2020). The difference in the probability of having a fraudulent offer is 6.6–7.4%, depending on the specification considered (model (3) or (6)). Our results therefore stand in contrast to the common view that disclosing information on GitHub is good. A closer examination of what types of fraud are associated with disclosure on GitHub offers a first clue on why fraud might become more prevalent (see Table 5). Phishing and hacker attacks are more common when code is published on GitHub (65.0% vs. 44.0%), which is a main type of fraud in this particular case. Table 5 presents the distribution of fraud cases by disclosure on GitHub. Fraud cases in which the code was disclosed before the ICO on GitHub are more often external than internal fraud, as opposed to fraud cases without prior disclosure. By contrast, exit fraud, security fraud, and Ponzi schemes, all of which are types of internal fraud, are less likely. These observations suggest that GitHub induces more often externally driven phishing and hacker attacks. One likely reason is that phishing and hacker attacks become easier for corporate outsiders when the code of the venture is disclosed. Thus, while recent ICO studies (e.g., Amsden and Schweizer 2019; Howell et al. 2020) have argued that disclosing the code on GitHub is helpful to build trust between the startup and the investors, we find that it encourages external fraudsters to misuse the disclosed information to their own advantage and at the expense of investors. Thus, there is a clear trade-off in deciding to disclose information on GitHub.

Table 5

Sample distribution of fraud cases, by GitHub disclosure

Variable	Subsample of fraud cases with GitHub==1		Subsample of fraud cases with GitHub==0		Diff. mean test
Variable	Mean	Std. dev.	Mean	Std. dev.	Diff.	p-value
Suspected fraud	0.500	0.502	0.612	0.489	−0.112	0.062
Confirmed fraud	0.629	0.485	0.515	0.502	0.114	0.057
Internal fraud	0.429	0.497	0.642	0.481	−0.213	0.000
Exit fraud	0.093	0.291	0.246	0.432	−0.153	0.001
Security fraud	0.050	0.219	0.067	0.251	−0.017	0.547
Ponzi scheme	0.064	0.246	0.134	0.342	−0.070	0.053
Other fraud	0.271	0.446	0.358	0.481	−0.087	0.122
External fraud	0.729	0.446	0.478	0.501	0.251	0.000
Pump and dump	0.171	0.378	0.060	0.238	0.112	0.003
Phishing/hacking	0.650	0.479	0.440	0.498	0.210	0.000

Returning to Table 4, another important result is that having raised more funds is associated with a greater likelihood of fraud (models (4)–(6)), confirming our initial univariate finding that size matters. One reason proposed before is that the benefit of fraud is higher because there is more money to steal. In economic terms, a one-standard deviation increase in the amount raised leads to an increase in the fraud probability of 38%, which is a substantial effect. Our results further show that the amount raised primarily affects suspected fraud, though the coefficient for confirmed fraud is also significant at the 10% level. This relationship is primarily driven by internal suspected fraud, which is consistent with the view that corporate insiders have greater incentives to engage in fraud if there is more to steal.

An underlying assumption is that the significant result on GitHub is due to external and not internal fraud. Indeed, issuers’ benefits from fraud are unrelated to whether the code is disclosed on GitHub. However, the fraud is facilitated for corporate outsiders, thus the increased risk of external fraud. To corroborate this assumption, we run again the same analysis as in Table 4 but separately for external and internal fraud cases. Results provided in Table 6 confirm that the effect of GitHub is driven by external fraud (the first six columns regress on external fraud, the last six on internal fraud).

Table 6

Determinants of external and internal fraud cases

	External fraud						Internal fraud
	(1)	(2)	(3)	(4)	(5)	(6)	(7)	(8)	(9)	(10)	(11)	(12)
	Confirmed fraud	Suspected fraud	Fraud	Confirmed fraud	Suspected fraud	Fraud	Confirmed fraud	Suspected fraud	Fraud	Confirmed fraud	Suspected fraud	Fraud
Offshore country	0.0027	0.0023	0.0085	0.0111	0.0309	0.0336	0.0044	0.0242	0.0299	−0.0017	0.0419*	0.0304
Company age	0.0000	0.0000	0.0000	−0.0000	0.0000	0.0000	−0.0000	−0.0000	−0.0000	−0.0000	−0.0000	−0.0000
Duration of ICO	−0.0006	−0.0002	−0.0005	−0.0003	−0.0006	−0.0004	0.0001	0.0002	0.0004*	−0.0005*	0.0006	0.0005
Pre-sale	−0.0294	−0.0036	−0.0316	−0.0063	0.0094	−0.0054	−0.0019	−0.0085	−0.0060	0.0076	0.0286	0.0278
Whitelist	−0.0167	−0.0178	−0.0210	−0.0027	−0.0599	−0.0138	−0.0231	0.0203	0.0036	−0.0195	0.0386	0.0345
KYC	0.0156	0.0067	0.0231	0.0419	−0.0121	0.0389	0.0096	−0.0082	0.0000	−0.0115	0.0021	−0.0124
Investor limitations	−0.0299	0.0043	−0.0388	−0.0394	0.0375	−0.0489	−0.0041	−0.0348	−0.0396	0.0217	−0.0433	−0.0261
GitHub	0.0566***	0.0275**	0.0690***	0.0577*	−0.0141	0.0594*	0.0141	0.0074	0.0101	−0.0039	−0.0061	−0.0042
Adviser	−0.0236	0.0064	−0.0162	−0.0664**	0.0342	−0.0347	0.0036	0.0159	0.0154	−0.0020	0.0118	0.0154
Involved in another project	0.0538**	0.0248	0.0659***	0.0694*	−0.0048	0.0507	−0.0209*	0.0010	−0.0207	−0.0210	−0.0042	−0.0285
Soft cap	−0.0307	−0.0318**	−0.0502**	−0.0459	−0.0329*	−0.066**	−0.0149	−0.0223	−0.0307*	0.0080	−0.0163	−0.0082
Hard cap	0.0340	−0.0157	0.0159	0.0170	0.0029	0.0181	0.0195	0.0112	0.0213	−0.0141	−0.0145	−0.0298
Bonus	−0.0051	−0.0320**	−0.0156	0.0007	−0.0422*	−0.0148	0.0162	−0.0243	−0.0014	0.0072	−0.0182	0.0009
Minimum investment	−0.0426*	−0.0068	−0.0493**	−0.0308	−0.0117	−0.0437	−0.0185	0.0180	0.0068	−0.0182	0.0029	−0.0144
Accepting fiat	0.0026	−0.0031	−0.0200	0.0093	0.0000	−0.0099	0.0503**	0.0423	0.0548*	0.0513*	−0.0114	0.0312
Nbr accepting crypto	−0.0051	−0.0167**	−0.0068	−0.0020	−0.0181*	−0.0021	−0.018***	−0.0068	−0.0114*	−0.0179**	−0.0130	−0.0174*
Info on use of funds available	−0.0099	−0.0449***	−0.0304	−0.0150	−0.0486**	−0.0298	−0.0032	−0.0230	−0.0169	−0.0070	−0.0151	−0.0112
Video pitch	0.0096	0.0278	0.0239	−0.0779**	−0.0105	−0.084**	0.0088	0.0176	0.0282	−0.0173	−0.0312	−0.0312
Amount raised				0.0009*	−0.0001	0.0009				0.0001	0.0008**	0.0010**
Token distributed				−0.0286	0.0062	0.0122				0.0191	0.0407	0.0765
Observations	967	967	967	451	385	451	967	967	967	451	451	451
Pseudo R-squared	0.078	0.204	0.106	0.101	0.198	0.109	0.075	0.038	0.036	0.126	0.082	0.067
AIC	600.79	320.94	670.45	326.05	149.7466	355.24	289.71	504.40	577.29	149.05	261.35	292.02

A final question we try to address is whether fraudulent ICOs under- or outperform directly after the ICO. This question is nontrivial, because some fraudulent issuers may ex ante decide not to list because of the cost involved in doing so on an exchange (e.g., internal fraud such as exit fraud), while other types of fraud are impossible to carry out in the absence of a listing (e.g., external fraud such as pump-and-dump schemes). Pump-and-dump schemes only become potentially profitable strategies if one can trade. Similarly, Ponzi schemes require that the ICO lasts long enough so that a pyramid can be maintained over a sufficient period. If it stops, the organizers can no longer pay first investors. Measuring performance is not an easy task, because fraudulent cases are less likely to list in the first place and the remaining sample for which price data are available suffers from a survivorship bias. We therefore measure ICO performance by whether or not the token got listed on an exchange, a measure previously used in the literature to proxy for successful ICOs (Howell et al. 2020).

Table 7 shows the distribution of fraudulent cases for the subsample of ICOs that eventually got listed and those that did not. The last two columns show the tests for the difference in means of these two subsamples. The subsample of ICOs with listing includes more fraudulent cases (10.1% vs. 6.7%). This difference is mostly driven by external fraud cases, most of them being phishing and hacker attacks. We confirm these differences in a multivariate setting as well.

Table 7

Sample distribution of fraud cases, by exchange listing

Variable	Subsample of ICOs with listing==1		Subsample of ICOs with listing==0		Diff. mean test
Variable	Mean	Std. dev.	Mean	Std. dev.	Diff.	p-value
Suspected fraud	0.101	0.302	0.067	0.250	0.034	0.022
Detected fraud	0.036	0.187	0.044	0.205	−0.008	0.474
External fraud	0.208	0.407	0.038	0.192	0.170	0.000
Internal fraud	0.113	0.317	0.097	0.296	0.016	0.327
Exit fraud	0.006	0.078	0.057	0.233	−0.051	0.000
Security fraud	0.018	0.134	0.005	0.074	0.013	0.030
Ponzi scheme	0.023	0.149	0.016	0.127	0.006	0.403
Pump and dump	0.047	0.211	0.001	0.037	0.046	0.000
Phishing/hacking	0.186	0.389	0.037	0.189	0.149	0.000
Other fraud	0.073	0.260	0.052	0.222	0.021	0.115

In Table 8, we run Probit regressions with the dichotomous dependent variable equal to 1 if the token gets listed on an exchange and 0 otherwise. We test the impact of fraud on that probability, while controlling for all the factors considered in Table 6. We find that fraud is associated with an 11.5% higher probability of listing, though the impact becomes smaller and nonsignificant when we control for the amount raised during the ICO and the number of tokens distributed. However, the last two columns indicate that external fraud is strongly related to a token being listed, and this effect remains significant even after the inclusion of additional controls. The correlation is also economically meaningful. One concern with the interpretation of this result is causality, because in some cases, fraud may only be detected after the listing. Corporate insiders and outsiders might likewise decide to engage in a pump-and-dump scheme only after the token is listed.

Table 8

Determinants of token listing

	(1)	(2)	(3)	(4)
Fraud	0.1153**	0.0526
External fraud			0.2959***	0.1552**
Internal fraud			0.0675	0.0305
Offshore country	0.0829**	0.0172	0.0811**	0.0124
Company age	0.0000	−0.0000	0.0000	−0.0000
Duration of ICO	−0.0017***	−0.0015*	−0.0015***	−0.0014*
Pre-sale	−0.0703**	−0.0319	−0.0621**	−0.0313
Whitelist	−0.0717*	−0.0784	−0.0628	−0.0722
KYC	0.1012***	0.0722	0.0946***	0.0671
Investor limitations	−0.0049	−0.0367	−0.0002	−0.0332
GitHub	0.1213***	0.0601	0.1048***	0.0523
Adviser	0.0846**	0.0381	0.0877***	0.0387
Involved in another project	0.1402***	0.0688	0.1237***	0.0614
Soft cap	−0.0487	−0.0667	−0.0378	−0.0570
Hard cap	−0.0248	0.0767	−0.0269	0.0733
Bonus	−0.1280***	−0.1008*	−0.1229***	−0.0983*
Minimum investment	−0.0001	0.0320	0.0115	0.0387
Accepting fiat	0.0134	0.0003	0.0192	0.0010
Nbr accepting crypto	0.0077	−0.0085	0.0087	−0.0082
Info on use of funds available	0.0151	0.0345	0.0203	0.0358
Video pitch	0.1583***	0.1873***	0.1530***	0.2023***
Amount raised		0.0054**		0.0049**
Token distributed		−0.3483***		−0.3464***
Observations	967	451	967	451
Pseudo R-squared	0.142	0.151	0.167	0.160
AIC	1186.38	531.24	1154.81	528.39

This table shows Probit regressions, where the dependent variable is a dummy equal to 1 when the ICO leads to a listing on an exchange, and 0 otherwise. We consider three different measures of fraud: External Fraud, Internal Fraud, and Fraud (which equals 1 if External Fraud or Internal Fraud equals 1). Coefficients reported are marginal effects. Robust standard errors are used for testing the significance of coefficients. Significance levels: *p<0.10; **p<0.05; ***p<0.01

In unreported regressions, we also test whether fraud is correlated with post-ICO performance. We find that external fraud in the form of pump and dump is related to positive performance after 180 days of trading (calculated as the token return over that period minus the return of the MSCI World Index), which might result from fraudsters first artificially inflating the price of a token through false information, to sell the token that was initially bought cheaply at a higher price. Thus, ICO returns are not a good proxy for fraud, because different types of fraud affect returns at least initially in opposing directions. A worthwhile avenue of future research would be to investigate whether ICOs have developed a sustainable business model and whether their failure rate is higher than that in other technology sectors.

5 Conclusions and policy implications

ICOs combine the financing of a venture through a large crowd with the issuance of a new digital token. Therefore, ICOs share many similarities with equity and reward-based crowdfunding. This implies that the experience gained by national regulators in the crowdfunding domain—especially regarding equity crowdfunding—as well as the knowledge obtained by market participants may be useful for the discussion on whether and how to regulate ICOs. ICOs could be particularly useful when people want to own the platform they are using or would like to use the tokens as means of exchange. For example, the users of LinkedIn or Facebook could own the platform themselves and use tokens to pay for hosting and programming services of the website.

The establishment of professional platforms where ICO issues could take place, similar to equity crowdfunding campaigns that are frequently run on specialized platforms and in some countries are even required by law to use a platform (Hornuf et al. 2018), may facilitate the implementation of both, formal regulation and self-regulation.²⁴ These platforms may even be existing equity crowdfunding platforms integrating ICOs, as they have done similar expansions for other asset classes such as real estate crowdfunding, fixed income products, and secondary markets. In fact, combining crowdfunding and ICOs may be optimal to overcome the current inefficiencies of crowdfunding or the shortcomings of ICOs respectively (Ackermann et al. 2020; Block et al. 2020). Moreover, these platforms could use small business credit scoring, a technology that has been used by financial institutions to evaluate applicants for small loans that involves analyzing data about the owner of the firm and the limited data about the firm itself (Berger and Frame 2007). Using such platforms might not only reduce the likelihood of fraud but also decrease the costs of capital (Li et al. 2020).

In contrast with findings in reward-based crowdfunding (Cumming et al. 2020a), the extent of information disclosure offers little opportunity to identify possible fraud, presumably due to the increasing use of template white papers. A more thorough analysis of the white papers is therefore needed. This could be done by institutional investors (Momtaz 2020a), in line with the notion that it is often optimal to share ownership (Narayanan and Lévesque 2019). Alternatively, specialized platforms might be in a comparatively better position to run background checks and analyze the truthfulness of the information in the white papers, because unlike one-time investors and issuers, they can specialize in conducting such a due diligence (Coffee 2006).

Finally, future research might investigate only the fraud cases that were ultimately classified as fraudulent or illegal by a court or administrative agency such as the SEC. Our approach was based on a method that was developed for reward-based crowdfunding (Cumming et al. 2020a) and which we consequently adapted to the ICO market. Our approach led to a conservative sample of fraud cases. Another method could be based on a comparison between the content of white papers and firm facts verified by Internet sources or third parties (e.g., through reverse image searches or company registers). Moreover, future research could classify the sources of fraud, that is, whether the fraud was planned from the outset or entrepreneurs resorted to fraud during or after the ICO offering. Our method was built on distinguishing fraud conducted by corporate insiders from fraud conducted by outsiders, which had important implications for our analysis of information misuse of disclosed codes on GitHub.

Acknowledgements

We thank the participants of the paper development workshop Developments in Entrepreneurial Finance: Crowdfunding, Blockchain, and ICOs at EMLyon Business School, the 3rd European Alternative Finance Research Conference at Utrecht University, the Sustainable Financial Innovation Centre (SFiC) Virtual Annual Conference at Birmingham University, and two anonymous referees for their valuable comments and suggestions. This article evolved as part of the research project „Securities offerings through Initial Coin Offerings,” which was supported by the Diginomics Research Group at the University of Bremen.

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

next article Soft and hard information in equity crowdfunding: network effects in the digitalization of entrepreneurial finance

Appendix

Table 9

Definition and examples of fraud categories

Fraud categories	Definition
Phishing/hacker attack
Definition	Phishing attacks include fake e-mails, fake websites, fake airdrops, fake social media accounts, and hacking into a company’s account or website in order to route investors to a fake wallet address. A hacker attack refers to a bad actor stealing money from a company's blockchain wallet.
Suspected	Phishing or hacker attacks are categorized as suspected if there were rumors of such attacks.
Confirmed	We categorized phishing or hacker attacks as detected if the company confirmed that it was the victim of a phishing or hacker attack.
Security fraud
Suspected	Either the ICO issuer is under investigation by a regulator of committing security fraud or rumors that the issued token is an unregistered security token occurred.
Confirmed	A regulator (e.g., the SEC) confirmed that the ICO issuer committed security fraud.
Ponzi scheme
Suspected	Examples: (i) Rumors that the company’s business model is based on a Ponzi scheme occurs on website(s). (ii) The company shows a tool for calculating ROI on its website or white paper. The company promises profits to investors. (iii) A third party website shows a ROI scheme which is based on the promised profits for investors (e.g., BehindMLM). (iv) The company or a team member is involved in a possible Ponzi company.
Confirmed	Confirmation by the ICO issuer or a regulator that their business model is based on a Ponzi scheme. In that case investments are used to pay guaranteed profits to earlier investors.
Pump and dump
Suspected	Accusations about pump-and-dump scheme have occurred.
Confirmed	The ICO issuer confirmed that its coin was the victim of a pump-and-dump scheme.
Exit fraud
Definition	The founders of the company disappear after the funding period without any announcement of repayments to investors.
Suspected	An accusation about an exit fraud of the company could be found, but the time of latest corporate communication cannot be determined because both the website and the social media accounts are no longer available.
Confirmed	Disappearance is assumed when both the website and social media communications have been discontinued. At least one social media account must show that the company stopped its communication immediately after the ICO (within two weeks). Unless fraud has already been confirmed (category other fraud) or exit fraud accusations occurred within two weeks after ICO. The social networks investigated are Twitter, Facebook, and the company’s own blog.
Other fraud
Bounty scam
Suspected	Claims in forums (e.g., Bitcointalk, Reddit) that bounty hunters did not get paid with tokens for their work.
Confirmed	Claim of a corporate partner that the company is not willing to pay the bounty hunters.
Fake team/fake company
Suspected	Claims that the team or a team member could be a fake person or identity theft took place.
Confirmed	Evidence that a team member is a fake person trough reverse image searches or statement from the person whose identity was stolen.
Issues with token distribution/refund
Suspected	Accusation that the distribution of tokens after the ICO or, in the case the soft cap has not been reached, the refund is either delayed and/or lower or is missing.
False claims about partnerships	False claims by the ICO issuer about cooperations with other companies or claims of cooperations with fraudulent companies.
Suspected	Only accusation without evidence.
Confirmed	Denial of the apparent cooperation by the other company or confirmation of false claims by a regulator.
Bug in smart contract code
Suspected	Accusations about a bug in the smart contract code, which leads to a money loss either for the company or for the investor.
Other fraudulent activities identified	The company is associated with fraudulent conduct or suspicious persons or institutions: e.g., investigation or legal action against the company (except security fraud and Ponzi investigations); company is associated with suspicious individuals or institutions, such as persons who have been investigated, sued for or involved in fraudulent activities.
Suspected	Accusations of fraud/scam which implicate a bad/fraudulent intention by the founder/company (or an external person or institution) and cannot be attributed to the above categories. Claims without evidence or investigation.
Confirmed	Confirmation of fraudulent activity by a regulator.

The sum of suspected and confirmed cases is smaller than 363 because some fraud cases are confirmed along one dimension of fraud and suspected along another one.

See Cumming et al. (2020a) for an analysis of the limited number of fraud cases in crowdfunding.

www.thsboys.org.uk/school-information/staff/

https://news.bitcoin.com/benebit-ico-runner-2-7-million-investor-funds/

Valkenburgh (2016) notes that the Howey test is an efficient guide for deciding whether tokens pose a threat to their users. The more the token fits under the definition of a security, the more its users should be protected by regulation. Whether a token is considered a security largely depends on the way it is used. In any ICO, individuals directly or indirectly invest their money. While the investment in the tokens that are created during an ICO requires the use of a cryptocurrency, backers can invest fiat money in cryptocurrencies via a thirdparty conversion service. Per definition, an ICO involves the investment in a common enterprise, namely the project or firm to be developed by the founder. The third criterion is arguably not always fulfilled in an ICO. While some backers might use their investment speculating that the venture itself and tokens become more valuable, others might solely use their tokens as unit of exchange to transact on the platform. In the latter case, the tokens might maintain a stable value and could be considered as a utility token. The difference whether a token constitutes a security or not might in fact come from the nature of the token and the respective business model of the startup. Some tokens are exhaustible and considered as a product, where the consumption of the token acts as proof of this claim. On the other hand, non-exhaustible token may be considered a form of memberships. In this case, the transaction underlying the ICO can be seen as a form of compensation rather than investment. In Europe, MiFID II, Article 4, 1. (44) defines what transferable securities are. Generally, securities must be transferable and tradeable on financial markets, they should not be payment instruments, and they should have rights attached similar to the ownership rights of a firm.

https://www.sec.gov/litigation/complaints/2019/comp-pr2019-87.pdf

https://www.nytimes.com/2019/06/04/business/sec-kik-kin-coin.html

Chohan (2019): Bitconnect and Cryptocurrency Accountability; https://www.ssb.texas.gov/news-publications/4-billion-crypto-promoter-ordered-halt-fraudulent-sales

https://www.fbi.gov/contact-us/field-offices/cleveland/news/press-releases/seeking-potential-victims-in-bitconnect-investigation

https://blog.coindash.io/coindash-tge-hack-findings-report-15-11-17-9657465192e1

https://www.coindesk.com/bee-token-phishing-scam

https://medium.com/@thebeetoken/security-update-on-the-phishing-incident-c8ff647841b8

https://news.bitcoin.com/25-of-all-smart-contracts-contain-critical-bugs/

https://medium.com/@hosho/auditing-the-unchained-capital-smart-contract-ac2d7ecea373

https://www.coindesk.com/spankchain-loses-40k-in-hack-due-to-smart-contract-bug

https://www.coindesk.com/spankchain-says-hacker-returned-stolen-crypto-funds

https://www.sec.gov/litigation/complaints/2018/comp-pr2018-94.pdf

See https://medium.com/@playkey/how-to-tell-if-an-ico-is-a-scam-df00c6f0047c

See https://www.wsj.com/articles/buyer-beware-hundreds-of-bitcoin-wannabes-show-hallmarks-of-fraud-1526573115 (last viewed on October 29, 2020).

In nine cases, we had to either change the detected to a suspected fraud or vice versa.

Internal fraud declined from 43% (2016) to 14% (2017) and 8.3% (2018).

We cannot test whether suspected fraud is later confirmed, because we observe fraud only at one point in time at which ICO are associated with suspected fraud, confirmed fraud, or both (if the ICO was associated with multiple types of fraud).

In unreported regressions, we include additional variables related to the founder team (e.g., founder team size, potential advisers, and whether team members have been involved in other ICOs), which further reduced the sample size because these variables were not available for all ICOs. Including these variables, however, does not affect our main conclusions. The variable Team Info Available is always equal to 1 in the sample used in Table 4 and thus could not be statistically identified.

Crowdfunding campaigns in the early days of the market were also run on individual websites set up by the issuer; for example, Trampoline Systems in the UK.

Ackermann, E., Bock, C., & Bürger, R. (2020). Democratising entrepreneurial finance: the impact of crowdfunding and initial coin offerings (ICOs). In A. Moritz et al. (Eds.), Contemporary developments in entrepreneurial finance: an academic and policy lens on the status-quo, challenges and trends (pp. 277–308). https://doi.org/10.1007/978-3-030-17612-9_11.CrossRef

Adhami, S., Giudici, G., & Martinazzi, S. (2018). Why do businesses go crypto? An empirical analysis of initial coin offerings. Journal of Economics and Business, 100, 64–75. https://doi.org/10.1016/j.jeconbus.2018.04.001.CrossRef

Alberts, J., & Fry, B. (2015). Is bitcoin a security? Boston University Journal of Science and Technology Law, 21(1), 1–21.

Amsden, R., & Schweizer, D. (2019). Are blockchain cowdsales the new ‘Gold Rush’? Success determinants of initial coin offerings. Available at SSRN: https://ssrn.com/abstract=3163849.

Bartoletti, M., Carta, S., Cimoli, T., & Saia, R. (2020). Dissecting Ponzi schemes on Ethereum: identification, analysis, and impact. Future Generation Computer Systems, 102, 259–277. https://doi.org/10.1016/j.future.2019.08.014.CrossRef

Becker, G. (1968). Crime and punishment: an economic approach. Journal of Political Economy, 76(2), 169–217. https://doi.org/10.1007/978-1-349-62853-7_2.CrossRef

Berger, A. N., & Frame, W. S. (2007). Small business credit scoring and credit availability. Journal of Small Business Management, 45(1), 5–22. https://doi.org/10.1111/j.1540-627X.2007.00195.x.CrossRef

Block, J. H., Colombo, M. G., Cumming, D. J., & Vismara, S. (2018). New players in entrepreneurial finance and why they are there. Small Business Economics, 50, 239–250. https://doi.org/10.1007/s11187-016-9826-6.CrossRef

Block, J.H., Groh, A., Hornuf, L., Vanacker, T., & Vismara, S. (2020). The entrepreneurial finance markets of the future: a comparison of crowdfunding and initial coin offerings. Small Business Economics, forthcoming. https://doi.org/10.1007/s11187-020-00330-2.

Chohan, U. W. (2019). Initial coin offerings (ICOs): risks, regulation, and accountability. In S. Goutte, K. Guesmi, & S. Saadi (Eds.), Cryptofinance and mechanisms of exchange (pp. 165–177). Springer Verlag. https://doi.org/10.1007/978-3-030-30738-7_10.

Coffee, J. (2006). Gatekeepers: the role of the professions in corporate governance: the professions and corporate governance. Oxford: Oxford University Press.

Cooter, R., & Edlin, A. (2014). The double trust dilemma: Combining ideas and capital. In R. Cooter (Ed.), The falcon's gyre: Legal foundations of economic innovation and growth. Available at Berkeley Law Scholarship Repository: https://www.law.berkeley.edu/library/resources/cooter.pdf.

Cumming, D.J., Hornuf, L., Karami, M., & Schweizer, D. (2020a). Disentangling crowdfunding from fraudfunding. Available at SSRN: https://ssrn.com/abstract=2828919.

Cumming, D. J., Leboeuf, G., & Schwienbacher, A. (2020b). Crowdfunding models: keep-it-all vs. all-or-nothing. Financial Management, 49(2), 331–360. https://doi.org/10.1111/fima.12262.CrossRef

Dabbish, L., Stuart, C., Tsay, J., & Herbsleb, J. (2012). Social coding in GitHub: transparency and collaboration in an open software repository. Proceedings of the ACM 2012 conference on Computer Supported Cooperative: 1277–1286. https://doi.org/10.1145/2145204.2145396.

De Andrés, P., Arroyo, D., Correia, R., & Rezola, A. (2019). Regulatory and market challenges of initial coin offerings. European Corporate Governance Institute - Law Working Paper No. 461/2019, Available at: https://ssrn.com/abstract=3413117.

Diamond, D. W. (1985). Optimal release of information by firms. Journal of Finance, 40, 1071–1094. https://doi.org/10.1111/j.1540-6261.1985.tb02364.x.CrossRef

Diamond, D. W., & Verrecchia, R. E. (1991). Disclosure, liquidity, and the cost of capital. Journal of Finance, 46, 1325–1359. https://doi.org/10.1111/j.1540-6261.1991.tb04620.x.CrossRef

Dorfleitner, G., Hornuf, L., & Kreppmeier, J. (2020). Promise not fulfilled: FinTech and the General Data Protection Regulation. mimeo.

Fisch, C. (2019). Initial coin offerings (ICOs) to finance new ventures. Journal of Business Venturing, 34(1), 1–22.CrossRef

Fisch, C., & Momtaz, P. P. (2020). Institutional investors and post-ICO performance: an empirical analysis of investor returns in initial coin offerings (ICOs). Journal of Corporate Finance, 64, 101679. https://doi.org/10.1016/j.jbusvent.2018.09.007.CrossRef

Hamrick, J.T., Rouhi, F., Mukherjee, A., Feder, A., Gandal, N., Moore, T., & Vasek, M., (2020). The economics of cryptocurrency pump and dump schemes. Available at SSRN: https://ssrn.com/abstract=3310307.

Healy, P. M., & Palepu, K. G. (2001). Information asymmetry, corporate disclosure, and the capital markets: a review of the empirical disclosure literature. Journal of Accounting and Economics, 31(1-3), 405–440. https://doi.org/10.1016/S0165-4101(01)00018-0.CrossRef

Hellmann, T., & Perotti, E. (2011). The circulation of ideas in firms and markets. Management Science, 57(10), 1813–1826. https://doi.org/10.1287/mnsc.1110.1385.CrossRef

Hornuf, L., Klöhn, L., & Schilling, T. (2018). Financial contracting in crowdinvesting - lessons from the German market. German Law Journal, 19(3), 509–578. https://doi.org/10.1017/S2071832200022781.CrossRef

Howell, S., Niessner, M., & Yermack, D. (2020). Initial coin offerings: financing growth with cryptocurrency token sales. Review of Financial Studies, 33(9), 3925–3974. https://doi.org/10.1093/rfs/hhz131.CrossRef

Huang, W., Meoli, M., & Vismara, S. (2020). The geography of initial coin offerings. Small Business Economics, 55, 77–102. https://doi.org/10.1007/s11187-019-00135-y.CrossRef

Kaal, W.A., & Dell’Erba, M. (2019). Initial coin offerings: emerging practices, risk factors, and red flags. U of St. Thomas (Minnesota) Legal Studies Research Paper No. 17-18. Available at SSRN: https://ssrn.com/abstract=3067615.

Kalra, S., Goel, S., Dhawan, M., & Sharma, S. (2018). ZEUS: analyzing safety of smart contracts. Network and Distributed Systems Security (NDSS). Available at: https://doi.org/10.14722/ndss.2018.230822018.23082.

Leuz, C., Triantis, A., & Wang, T. Y. (2008). Why do firms go dark? Causes and economic consequences of voluntary SEC deregistrations. Journal of Accounting and Economics, 45, 181–208. https://doi.org/10.1016/j.jacceco.2008.01.001.CrossRef

Li, T., Shin, D., & Wang, B. (2019). Cryptocurrency pump-and-dump schemes. Available at SSRN: https://ssrn.com/abstract=3267041.

Li, J., Wu, Z., & Zhang, L. (2020). Family involvement, external auditing, and the cost of debt: evidence from U.S. small firms. Journal of Small Business Management, forthcoming. https://doi.org/10.1111/jsbm.12519.

Liebau, D., & Schueffel, P. (2019). Cryptocurrencies & initial coin offerings: are they scams – an empirical study. The Journal of the British Blockchain Association, 2(1), 1–7. https://doi.org/10.31585/jbba-2-1-(5)2019.CrossRef

Luu, L., Chu, D.-H., Olickel, H., Saxena, P., & Hobor, A. (2016). Making smart contracts smarter. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 254–69. https://doi.org/10.1145/2976749.2978309.

Mehar, M. I., Shier, C. L., Giambattista, A., Gong, E., Fletcher, G., Sanayhie, R., Kim, H. M., & Laskowski, M. (2019). Understanding a revolutionary and flawed grand experiment in blockchain: the DAO attack. Journal of Cases on Information Technology, 21, 19–32. https://doi.org/10.4018/JCIT.2019010102.CrossRef

Mense, A., & Flatscher, M. (2018). Security vulnerabilities in Ethereum smart contracts. Proceedings of the 20th International Conference on Information Integration and Web-based Applications & Services, November 2018:375–80. https://doi.org/10.1145/3282373.3282419.

Merton, R. C. (1987). A simple model of capital market equilibrium with incomplete information. The Journal of Finance, 42(3), 483–510. https://doi.org/10.1111/j.1540-6261.1987.tb04565.x.CrossRef

Momtaz, P.P. (2020a). Entrepreneurial finance and moral hazard: evidence from token offerings. Journal of Business Venturing, forthcoming. https://doi.org/10.1016/j.jbusvent.2020.106001.

Momtaz, P.P. (2020b). The pricing and performance of cryptocurrency. European Journal of Finance, forthcoming. https://doi.org/10.1080/1351847X.2019.1647259.

Narayanan, M., & Lévesque, M. (2019). Distributing start-up equity: a theoretical foundation for an emerging practice. Journal of Small Business Management, 57(3), 1066–1085. https://doi.org/10.1111/jsbm.12420.CrossRef

Nikolić, I., Kolluri, A., Sergey, I., Saxena, P., & Hobor, A. (2018). Finding the greedy, prodigal, and suicidal contracts at scale. Proceedings of the 34th Annual Computer Security Applications Conference, December 2018: 653–663. https://doi.org/10.1145/3274694.3274743.

Valkenburgh, P. (2016). Framework for securities regulation of cryptocurrencies (Coin Center Report). Washington, DC.

Title: Initial coin offerings, information disclosure, and fraud
Authors: Lars Hornuf
Theresa Kück
Armin Schwienbacher
Publication date: 29-03-2021
Publisher: Springer US
Published in: Small Business Economics / Issue 4/2022
Print ISSN: 0921-898X
Electronic ISSN: 1573-0913
DOI: https://doi.org/10.1007/s11187-021-00471-y

Springer Professional

Abstract

Publisher’s note

1 Introduction

2 Forms of fraud in ICOs and hypothesis

2.1 Forms of fraud in ICOs

2.1.1 Exit fraud

2.1.2 Securities fraud

2.1.3 Ponzi scheme

2.1.4 Pump and dump, phishing, and hacking

2.1.5 Other fraud

2.2 Information disclosure on GitHub and effects on fraud

3 Data collection

3.1 Methodology for data collection

3.2 Summary statistics on fraud cases

3.3 Summary statistics on ICOs

4 Results

5 Conclusions and policy implications

Acknowledgements

Publisher’s note

Appendix

Other articles of this Issue 4/2022

Cognitive financial constraints and firm growth

Does personality matter? Small business owners and modes of innovation

Business failure and institutions in entrepreneurship: a systematic review and research agenda

Entrepreneur fund-seeking: toward a theory of funding fit in the era of equity crowdfunding

The effects of venture capital investments on industrial innovative opportunities and technological arbitrage opportunities

Entrepreneurial learning in online communities