How to conduct offline activities for Web3 safely and in compliance with regulations?

Author of this article: Iris, Lawyer Liu Honglin

In Web3, “holding events” has almost become a standard action for every project party. Do you want exposure? Do you want collaboration? Hosting events and participating in them is definitely one of the best ways to address these two questions.

I don’t know if everyone has participated in the recent Web3 Festival held in Hong Kong. In addition to the large main summit, the surrounding events were diverse and vibrant, ranging from cocktail parties, after parties, technical salons, to meetups, closed-door meetings, hackathons, and forums. One could say that the entire month of April in Hong Kong was filled with a high concentration of Web3.

However, many organizers feel that hosting an event is just about planning a process, inviting a guest, finding a venue or platform, and doing some promotion, which is very simple!

However, in reality, hosting events involves many compliance issues. Especially in the Web3 industry, which has financial attributes, technical characteristics, and cross-border features, the compliance risks of offline activities are far higher than those in ordinary industries. Ignoring these compliance issues is often a major taboo.

Therefore, in this article, Attorney Mankun systematically outlines the common legal issues in Web3 events from the perspective of the event organizers, combining the real hosting logic and practical operational points, as well as pragmatic response strategies, to help project parties and operation teams truly achieve “legal and compliant activities.”

Three-step compliance logic for hosting events

The sensitivity of Web3 activities is not only because they have the shadow of “currency”, but also because they involve too many gray areas across industries, regions, and identities.

Therefore, the real question that event organizers should consider is: During the three stages of event planning, execution, and follow-up, have I truly fulfilled my “due diligence” by anticipating and controlling all potential risks in advance?

Step 1: Event Planning Stage

What activity do you want to hold? This is the first step in all compliance assessments.

Many Web3 organizers often only focus on superficial labels like “technical sharing” and “community gatherings” when planning events. However, from a regulatory perspective, what truly matters is the substance and purpose of the event you are organizing.

Is it promoting tokens? Is it organizing financing? Is it facilitating overseas platforms to operate in the domestic market?

These factors determine the compliance risk level of your activity, rather than what name you use to package it.

Here, Lawyer Mankun categorizes offline Web3 events into three risk levels based on substantive content, drawing from personal experience and judgment:

Low-Risk Activities

For example, purely technology-oriented Hackathons (such as ETHGlobal), R&D Workshops, and closed-door developer communications. Such activities focus on code and products, do not involve financing, and do not promote tokens, resulting in overall lower risks. However, it is also important to be cautious and avoid using tokens for prize distributions or aligning outcomes with Token projects, in order to guard against accusations of “using technology to package token issuance.”

Medium Risk Activities

Typically, events such as industry summits, press conferences, project meetups, and cocktail parties that have a “promotion” or “market warming” nature appear to be light social gatherings. However, if the speeches by guests involve project tokens, media follow-ups are overly enthusiastic, and the identities of participants are complex, they can easily be questioned as “disguised marketing.” Therefore, the organizers of such events need to carefully select attendees, especially speakers; it is also best not to arrange cryptocurrency KOLs as hosts to avoid forming a “token association chain.”

High-Risk Activities

These are basically related to investment and financing or tokens, such as closed-door financing matchmaking meetings, private investor meetings, and token roadshow activities. Once these scenarios are aimed at investors in mainland China, they are likely to violate red lines such as illegal securities issuance and illegal fundraising. To reduce these risks, entry thresholds can be set in advance (e.g., limiting to licensed overseas institutions/not involving tokens), materials can be directed only at overseas audiences, the entire process should not discuss “price expectations” or “investment returns”, and compliance backup records should be retained.

Many organizers may think: “My event is held in Hong Kong, how could there be a problem?” But please note: if your content or distribution reaches users in mainland China, even if the venue is overseas, it may be considered by regulators as “providing services to residents within the territory.”

Therefore, the risk of an event depends not only on where it is held and what it is called, but also on what you say, who is listening, and whether there is any movement of funds.

In addition, when it involves foreign individuals, minors, or specific professional identities (such as financial practitioners), the laws and regulations in some regions may require activity registration or specific permits. If these requirements are ignored, even if the activity itself is not illegal, one may still face inquiries or penalties due to inadequate identity verification.

So, when planning an event, lawyer Mankun suggests that there are three things you must do:

1. Conduct a substantial classification of the activity type, considering the actual content and objectives;

2. Confirm the reach of the activity, especially whether it involves users from mainland China, sensitive countries and regions, and cross-border promotion;

3. Set up a “content compliance line” in advance, which means deciding what to not say, what materials to not send, and which people to not invite.

Remember: you are not planning an event flow, but rather crafting a narrative for compliance behavior. If you classify it incorrectly, being careful later may still lead to mistakes.

Step 2: Activity Execution Phase

The process has been established, and we are now entering the stage of actual “implementation.” However, it is precisely at this stage that compliance issues are most likely to arise due to overlooked details.

Those who have organized events know that planning is one thing, and execution is another. In reality, many issues are not intentionally caused by the planning, but rather occur when “carelessly crossing the red line” during the execution process.

Lawyer Mankun summarized the key issues in the execution phase of the event into three stages:

(1) Does the promotional content cross the line?

Many organizers tend to mislead when designing event materials, creating PPTs, and publishing promotional articles due to improper wording. Special attention should be paid to the following high-frequency “risk terms”:

• “Coming soon/Token issuance/Listing”
• “Airdrop” “Early Subscription” “X-Fold Potential Coins”
• “XX investment institution leads the investment” “Well-known VC endorsement”
• Price prediction, expected returns, investment return descriptions

Once these expressions appear, they may be recognized by regulators as having the tendency of illegal financial activities such as “token sales promotion” and “public fundraising.”

Therefore, it is recommended to establish a unified compliance review mechanism for promotional materials. It would be best to have legal counsel or a lawyer assist in reviewing and assessing all external posters, tweets, event manuals, guest PPTs, etc., to clearly identify which information is “only to be discussed privately and not to be disclosed publicly.”

(2) Are there risks associated with on-site speeches?

In forums or Meetup-type events, the content of guest speeches is often uncontrollable. But please note, as long as the event is organized by the host, the responsibility for the content may “fall back on you.”

In practice, regulatory agencies often do not only look at whether the organizer has “personally promoted” the event. As long as you are the event organizer or hosting platform, whether it is a guest “exposing” information on site, a PPT showing a token roadmap, or an interview segment implying token trading opportunities, regulators may determine that you have not fulfilled your content review obligations, thus bearing joint risks.

Another typical “compliance hidden risk” is the indirect support for overseas platforms or services. For example, a project may arrange for platform representatives to speak at events, provide QR codes for registration, or demonstrate embedded technical products. Although the organizers do not directly involve cryptocurrency or provide trading access, they may ultimately be classified as assisting illegal financial activities due to their “facilitation of overseas platforms operating domestically.”

Therefore, the event organizers must review the content of the guest speeches in advance and provide reminders to the speakers on-site, especially regarding sharing related to currencies, platforms, and projects. They should be careful not to guide investments, display trading logic, or imply price trends. At the same time, during the speeches, they should also try to maintain control of the venue as much as possible.

(3) Are there any loopholes in the funding and venue stage?

Do not underestimate the compliance sensitivity behind “charging admission” or “accepting sponsorship.” Charging admission with crypto assets and accepting token sponsorships can have significant compliance differences in different regions. For example, in heavily regulated areas like mainland China, regulators have repeatedly emphasized that virtual currencies must not be used as payment tools. If an event charges fees through tokens like USDT, it may be regarded as providing virtual currency payment services, which can be classified as “illegal financial activities.”

Even in relatively open areas such as Hong Kong and Dubai, if the sponsor is a sensitive entity such as an unlicensed overseas trading platform or a cryptocurrency investment institution, the event organizer may be considered to be “assisting unlicensed virtual asset service providers in their business activities,” especially when the event includes project promotions and brand exposure, which increases the risk.

At the same time, there are compliance standards for the selection of event venues, such as whether the venue is legal, whether it is open to the public, whether temporary filing is required, whether it exceeds the maximum number of participants, and whether there are overseas attendees or representatives from sensitive countries. Many organizers may not fully consider these issues in the initial planning stage, but in certain jurisdictions, such as mainland China, stepping on a landmine could directly lead to being classified as an “illegal assembly” or “foreign business activities.” In places like Hong Kong, it is also important to use commercial premises and clearly communicate the content of the event to the owners or management organizations to avoid venue disputes arising from the “crypto” nature.

In addition to the three stages mentioned above, the use of data and imagery is becoming a new high-risk area for compliance. Common activities such as full recording of events, collection of participant information, and live streaming on social media, if done without obtaining the necessary authorization or without informing the purpose, may infringe on participants’ portrait rights and privacy rights, and could even trigger compliance red lines in cross-border data flow scenarios.

Step 3: Activity Review Phase

Once the event is over, does it mean everything is “smooth sailing”? Lawyer Mankun believes: not necessarily.

In actual law enforcement, many projects are not held accountable due to problems at the event site, but rather because of the “traces” left after the event has concluded. Particularly in the areas of social media records, data archiving, and sponsorship fund flows, if not handled properly, they can easily become a breakthrough point for subsequent investigations.

Therefore, Attorney Mankun reminds us that a truly complete compliance closed loop must include post-event review management.

(1) Is there a “compliance record” left?

The project team must organize and retain the following key materials after the event concludes, in case of any potential investigations or inquiries:

• Guest speech manuscript, PPT or speech summary version;
• On-site video/audio materials (if recorded);
• Final version of promotional materials and list of distribution channels;
• Registration of basic information of attendees (if there is a registration process);
• Venue leasing, sponsorship agreements, and other contract-related documents;
• Details of income and expenditure for the event, especially the explanatory records related to tokens.

These materials are not intended for “active filing”, but in the future, if faced with compliance inquiries, they can help the project demonstrate the intent of compliance activities and that the organizer has fulfilled reasonable due diligence obligations.

(2) Is there a “Speech Traceability” mechanism?

If there are token-related contents in the event, the organizer needs to establish a speech traceability mechanism, clarifying who provided which content and whether the statements have been reviewed.

Especially for the guest’s self-directed speech part, it is recommended to clarify the legal responsibility of the guest for their own statements by signing a liability statement or risk reminder letter before the event, to avoid a situation where “the guest oversteps boundaries and the organizer takes the blame.”

In addition, there should be prior planning regarding whether the recorded content will be public: which content can be disseminated in the public domain and which is only for internal archiving. If the content involves token information, it is necessary to assess the potential legal implications of its dissemination to specific groups (such as users in mainland China).

(3) Is there an “after-the-fact public opinion handling plan”?

Web3 events are often accompanied by high exposure and community fermentation. An event originally intended for “internal communication” can suddenly trend on social media because of a single statement from a KOL.

In this scenario, the organizer should have a basic response plan in place:

• Is there timely monitoring of the promotional content related to the event?
• If misleading statements or risk comments appear, will they be promptly clarified and removed?
• Can we unify our voice in the community to clarify the compliance boundaries of the activities?

If the dissemination is left unchecked and distorted descriptions such as “organizer publicly presenting projects” and “domestic promotion of tokens” appear, then even if the activity itself is designed to be compliant, it may still encounter pitfalls in the “secondary dissemination.”

Therefore, from a compliance perspective, the “closure” of the event review phase also determines whether the risk loop of this event is truly completed.

Mankun Lawyer Summary

Holding a Web3 event is never just about process arrangements and guest invitations.

Truly safe offline activities rely not on “not having incidents,” but on incorporating legal compliance into every aspect from the very beginning. The earlier compliance is integrated, the more control one has, and the more one can confidently “go out.”

In the increasingly tightening global regulatory environment, every offline event of Web3 is actually a signal released by the project to the outside world, and the organizer and the event itself naturally become the windows for bearing risks. You might think it’s just hosting a cocktail party or organizing a meetup, but in the eyes of regulators, it could be marketing, fundraising, or business development.

Therefore, for the organizers, the optimal path has always been to “control the maximum risk at the minimum cost.”

It is foreseeable that Web3 activities will become increasingly diverse, and the institutional construction behind these activities has already begun.