by Chris Low

What a CIO needs to know about initial coin offerings

Mar 06, 2018
IT LeadershipSmall and Medium Business

What the small business CIO should learn about initial coin offerings (ICO) versus the traditional initial public offerings (IPO).

bitcoins and dollar bills
Credit: Thinkstock


Initial coin offerings (ICO) are emerging as a viable and popular way to raise money for your business. These are similar to IPOs (initial public offerings) except that buyers are allocated digital tokens or coins in place of shares. These coins may be traded similar to how stocks are bought or sold on stock exchanges. The one major difference is that ICOs do not provide coin buyers any sort of ownership rights.

As of November 2017, more than 200 projects raised over $3.25 billion dollars over ICOs. The total value of ICOs rose seven times between 2016 and 2017 with October 2017 seeing more than $650 million raised. There is a reason why ICOs are becoming so popular among businesses looking to raise capital. The traditional VC funding model is quite restrictive in the sense that there are very few firms deciding on the fate of thousands of startups and small businesses. ICOs are crowd funded and let anybody fund the growth of businesses they are interested in. From a founder’s perspective, another reason why ICOs are so valuable is because they do not have to give up equity in exchange for the money raised. Finally, ICOs are unregulated – as a business, you may be able to secure funds from investors anywhere in the world. This is so much unlike traditional investing that have complex regulations for capital influx from outside the nation borders.

The lack of regulation however is also a reason why investors need to be wary of ICOs. It is not always possible to assess the veracity of the claims made by a startup and as a result, fraudulent ICOs crop up every once in a while. But there are also challenges from the business side; issues that a CIO is responsible for.

ICO security challenges for the CIO

As a business, you might be looking at raising several millions of dollars in funding through ICOs. Given this humongous volume of capital involved, security is a big issue. Yet, the lack of regulations in an ICO make the industry highly susceptible to hacker attacks and other vulnerabilities.

Security exploits

Hackers and data thieves are drawn to any cyberplatform where financial transactions are involved. There have been more than a couple of instances in the recent past when hackers broke into ICOs to steal several millions of dollars of capital. DAO, a decentralized VC fund that ran on the Ethereum platform lost over $150 million due to a recursive Ethereum send exploit. In another instance, Tether, a startup that works with digital exchanges lost nearly $31 million due to a malicious attack while Ripple fell 30% to under $1. As a CIO, it is important to establish a system that is robust and is free of security loopholes. It is a good idea to hire a third party security consultant who has already worked on ICOs to help you create the infrastructure to raise capital.


Investor confidence is of utmost importance in any fund-raising exercise. Late last year, Parity Wallet froze several millions of cryptocurrencies following an accidental deletion of a code library. Accounts frozen included several companies in the process of raising an ICO. While this is no regular occurrence and certainly not something that is in your hands, it raises the important question of bug testing and making sure that your ICO process is without any bugs. Such issues can dramatically bring down investor interest leading to failed ICOs.

How to prepare for an ICO

From a CIO’s perspective, the first and foremost task in an ICO process is to build an authoritative team who have experience with this. If you do not have experts on your payroll, look at hiring them on contract. You may also work out a hybrid contract where you pay them partly in cash and partly in your newly issued digital tokens.

Once you have established the back-end system, the next step is to test it for bugs and security vulnerabilities. You may launch a bug bounty program for ethical hackers and testers to identify critical bugs in your system in exchange for monetary rewards or tokens. It is important to give such hackers sufficient time to penetrate your system and test it for bugs before you launch the actual ICO.

Finally, pick a launch platform for your ICO. Tools like BlockStarter and ICOBOX help businesses navigate through the complex legalities surrounding ICOs. These platforms not only help put you in touch with thousands of potential investors, but also help you draft smart contracts and raise funds.

The launch of an ICO is a company-wide project and the CIO is not responsible for a host of different tasks. However, given the security challenges and the use of technology along the way, it is important for the CIO with the CTO to be present through the entire launching process.