Decentralised Autonomous Organisations (DAOs): Legal Status, Governance, and Regulatory Challenges in Hong Kong

Introduction

Decentralised Autonomous Organisations — commonly known as DAOs — represent one of the most disruptive and legally complex innovations to emerge from the blockchain and Web3 ecosystem. Operating through smart contracts on public blockchains, DAOs enable communities of token holders to govern shared resources, make collective decisions, and execute transactions without traditional corporate hierarchy or centralised management.

Despite their technological sophistication, DAOs occupy a legal grey zone in most jurisdictions, including Hong Kong. Questions of legal personality, liability, governance enforceability, and regulatory classification remain largely unresolved, creating significant risks for founders, developers, and participants who fail to appreciate the legal implications of DAO involvement.

This article examines the legal status of DAOs under Hong Kong law, the governance and liability risks facing DAO participants, the regulatory implications for common DAO activities, and the emerging approaches to DAO legalisation that practitioners and developers should consider.

What Is a DAO?

A DAO is a community-managed organisation whose rules and governance mechanisms are encoded in smart contracts on a blockchain. Decisions — such as deploying treasury funds, upgrading protocol code, or admitting new members — are made through token-weighted voting, with outcomes automatically executed by the smart contract once a governance threshold is met.

Key characteristics of DAOs include:

Decentralised governance: Decision-making authority is distributed among token holders, with no single controller. In theory, no single individual or entity can unilaterally control the DAO's operations.

Smart contract automation: Governance decisions are encoded and executed on-chain, reducing the reliance on trusted intermediaries for execution.

Token-based membership: Participation in governance is typically tied to holding the DAO's native governance token, which may be freely tradeable on secondary markets.

Treasury management: Most DAOs hold a treasury of digital assets — often worth millions or billions of dollars in aggregate — which is deployed according to governance decisions.

Examples of prominent DAOs include DeFi protocols (such as Uniswap, Aave, and Compound), investment DAOs (such as Flamingo DAO), and social or creative DAOs.

Legal Status of DAOs Under Hong Kong Law

The Absence of Recognised DAO Legal Form

Hong Kong law does not recognise the DAO as a distinct legal form. DAOs have no statutory basis in the Companies Ordinance, the Partnership Ordinance, or any other legislation. As a result, a DAO operating in Hong Kong without being wrapped in a recognised legal structure has no legal personality: it cannot own property, enter contracts, sue or be sued, or open bank accounts in its own name.

Risk of Unincorporated Association or General Partnership

In the absence of a recognised legal structure, courts in common law jurisdictions (including Hong Kong) may characterise a DAO as either:

An unincorporated association: A group of individuals associated for a common purpose but without legal personality. Members of an unincorporated association may have joint and several liability for the association's debts and obligations, meaning that any individual member could be sued for the full amount of a claim.

A general partnership: If the DAO's activities amount to carrying on a business in common with a view to profit, the DAO could be characterised as a general partnership under the Partnership Ordinance (Cap. 38). Partners in a general partnership are jointly and severally liable for the debts and obligations of the partnership, including any torts or regulatory breaches committed in the course of the partnership's activities.

The characterisation of a DAO as a general partnership would be particularly serious for active token holders and governance participants, potentially exposing them to unlimited personal liability for the DAO's obligations.

Illustrative Case: Ooki DAO (United States)

The US Commodity Futures Trading Commission (CFTC) action against the Ooki DAO — in which the CFTC pursued the DAO itself as an unincorporated association and served process on DAO token holders who had voted on governance proposals — illustrates the real-world liability risk facing governance participants, even in jurisdictions other than Hong Kong. While this is a US precedent, it signals the approach that regulators globally may take toward active DAO governance participants.

Governance Structures and Enforceability

Smart Contract Governance

DAO governance typically operates through a combination of on-chain smart contract mechanisms and off-chain social consensus. On-chain governance — where token holders vote directly on executable proposals — is self-executing but inflexible. Off-chain governance — where discussions occur on forums (e.g., Snapshot votes) and results are implemented by a multisig committee — is more flexible but relies on trusted delegates.

Enforceability of DAO Rules

Whether DAO governance rules (as encoded in smart contracts or articulated in DAO constitutions) constitute enforceable legal agreements under Hong Kong contract law is uncertain. Key issues include:

• Whether DAO participation involves a meeting of minds and offer-and-acceptance sufficient to constitute a binding contract
• Whether smart contract code alone constitutes a legally enforceable agreement, or whether off-chain documentation is required
• Whether governance token holders owe fiduciary or other duties to the DAO or to other token holders

In the absence of a governing legal structure, DAO participants may find that disputes are difficult to resolve through conventional legal processes, and that governance decisions are unenforceable against resistant parties.

Regulatory Implications

Securities Law

DAO governance tokens may constitute "securities" or "collective investment scheme" interests under the Securities and Futures Ordinance (SFO), depending on their characteristics. If token holders pool capital and share in the profits or losses of the DAO's treasury activities, the governance token may be characterised as a CIS interest, triggering SFC authorisation requirements for offering and dealing.

Founders and developers who distribute governance tokens through initial airdrops, liquidity mining, or token sales must carefully assess the regulatory classification of their tokens to avoid inadvertently constituting an unauthorised CIS or conducting unlicensed dealing in securities.

Virtual Asset Trading Platform (VATP) Regulation

DAOs that operate decentralised exchanges (DEXs) or automated market makers (AMMs) must consider whether their activities constitute "operating a virtual asset trading platform" requiring a VATP licence from the SFC. The SFC has indicated that the decentralised nature of a DEX does not automatically exempt it from regulation — relevant factors include whether there is a central operator (developer team, foundation, multisig holders) who controls or substantially influences the platform's operation.

AML/CFT Obligations

DAOs that facilitate transfers of virtual assets between users may be characterised as virtual asset service providers (VASPs) under the Financial Action Task Force (FATF) framework and Hong Kong's Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO). VASPs are required to implement AML/CFT programmes, conduct customer due diligence, and comply with Travel Rule requirements. The decentralised nature of a DAO does not necessarily exempt it from VASP obligations if a sufficient degree of centralised control exists.

Investment and Fund Management Activity

Investment DAOs that pool capital from multiple participants for collective investment in digital or traditional assets may constitute collective investment schemes requiring SFC authorisation. The managers or promoters of such DAOs may require SFC licensing for asset management (Type 9) or investment advisory (Type 4) activities.

DAO Legalisation Strategies

Given the significant legal risks of operating an unwrapped DAO, practitioners advise founders and developers to consider "legalising" their DAO by wrapping it in a recognised legal structure. Common approaches include:

Foundation Companies

Many prominent DAOs establish a non-profit foundation (typically in the Cayman Islands, BVI, or Singapore) to hold the DAO's intellectual property, enter commercial contracts, and manage regulatory compliance on the DAO's behalf. The foundation is governed by a board of directors and operates under its constitutional documents, while the underlying on-chain governance remains with token holders.

Cayman Islands DAO LLC

Certain jurisdictions have enacted legislation specifically permitting the registration of DAOs as legal entities. The Cayman Islands DAO LLC framework (introduced through amendments to the Limited Liability Companies Act) allows a DAO to register as a Cayman LLC whose governance is expressly determined by its smart contract, with the registered entity shielding members from personal liability.

Wyoming DAO LLC (US)

Wyoming enacted the first US DAO LLC statute in 2021, allowing DAOs to register as LLCs with governance defined by smart contracts. While a US structure may not be optimal for Hong Kong-based founders, the Wyoming model has influenced subsequent DAO legislation in other jurisdictions.

Hong Kong Company Wrapper

For DAOs with significant Hong Kong nexus (e.g., teams, users, or treasury activities concentrated in Hong Kong), incorporating a Hong Kong company (limited by shares or guarantee) to act as the operational entity of the DAO provides legal certainty and limited liability for participants, while the on-chain governance structure continues to operate in parallel.

Liability Exposure for DAO Participants

DAO participants must be aware of the following potential liability exposures:

Governance voters: Token holders who vote on proposals that result in unlawful activity (e.g., approving transactions that constitute unlicensed securities dealing or market manipulation) may be personally liable as members of an unincorporated association or partnership.

Developers and core contributors: Developers who deploy and maintain smart contracts underlying a DAO may be characterised as principal controllers of the DAO's activities and face regulatory or civil liability for the DAO's actions, even if they no longer hold tokens or participate in governance.

Multisig signatories: Members of multisig committees who execute DAO treasury transactions are clearly identifiable actors who may be targeted by regulators or claimants seeking redress for DAO actions.

Practical Guidance for DAO Founders and Participants

Obtain legal advice before launching: The legal and regulatory analysis of a DAO is highly fact-specific. Founders should seek advice from practitioners with experience in both virtual asset regulation and corporate law before deploying governance token mechanisms or DAO treasury structures.

Consider a legal wrapper from day one: Rather than retrofitting a legal structure after the DAO has launched and attracted participants, founders should establish a legal wrapper (foundation, LLC, or company) at the outset to provide liability protection and regulatory clarity.

Assess token regulatory classification: Work with legal advisers to assess whether governance tokens constitute securities, CIS interests, or payment tokens under Hong Kong law, and structure any token distribution accordingly.

Document governance and decision-making: Maintain clear off-chain documentation of governance decisions, including the rationale for major treasury deployments, to evidence that the DAO's operations were conducted transparently and in good faith.

Monitor regulatory developments: DAO regulation is evolving rapidly globally. Monitor SFC guidance, FATF recommendations, and developments in other jurisdictions to stay ahead of regulatory change.

How Alan Wong LLP Can Help

Our digital assets and virtual assets practice advises DAO founders, developers, investors, and governance participants on the legal and regulatory implications of DAO structures. We assist with the selection and establishment of appropriate legal wrappers, governance document drafting, regulatory classification of governance tokens, AML/CFT compliance design, and risk management for DAO-associated activities.

If you are involved in founding, developing, or participating in a DAO, please contact our team for a confidential discussion of your legal and regulatory position.