The EU is setting up a legal framework for 'cryptoassets' and the use of 'distributed ledger technology' (DLT) in the financial sector. Some such assets may already fall within the regulated scope (where they have the features of a 'security' or 'e-money'), so the European Commission has proposed a new regulation on markets in cryptoassets that aren't covered. This is likely to have a very significant cultural impact on the cryptoasset/DLT world, even though anti-money laundering rules have already been applied. Being a regulation rather than a directive, it would take direct effect in member states without having to be transposed into national law. It will now be considered by the Council of the EU and the European Parliament. The regulation will apply in EU member states 18 months after it enters into force, but immediately for asset-referenced tokens and e-money tokens. This note summarises the regulation.  Let us know if you need help in this area.

Why a separate regulation?

Respondents to a consultation on this topic in 2019 urged the creation of a dedicated regime as beneficial for the establishment of a sustainable cryptoasset ecosystem in the EU. Perhaps this reflects the difference between a common law and civil law view of the world - what the Irish might regard as red tape impeding their right to undertake any activity that is not specifically outlawed, the French would see as a necessary permission to engage in a risky new type of business, and how it should operate. 

Understandably, respondents also wanted legal certainty and harmonisation across member states - particularly as their attitudes and the use of DLT might differ significantly but the needs will be the same. There's also the prospect of 'regulatory arbitrage' and lack of consumer/investor protection in some countries versus others.

At any rate, the intention is for the regulation to create legal certainty, support innovation and fair competition, ensure appropriate levels of consumer and investor protection, market integrity and financial stability, as some cryptoassets have the potential to become widely accepted and potentially systemic - particularly those that are closely linked to existing financial assets (e.g. 'stablecoins'). 

Summary of the Regulation

The regulation creates a new EU legal framework for cryptoassets that do not already qualify as financial instruments, deposits or structured deposits. It governs the activities of cryptoasset issuers and service providers, with uniform requirements for disclosure relating to issuance, operation, organisation and governance, as well as consumer protection measures  and rules to prevent market abuse.

Cryptoassets that fall outside the existing scope of regulation are defined as certain types of cryptographically generated 'token':

  • Asset-referenced token: designed to maintain a stable value by reference to the value of, say, one or more official or 'fiat' currencies, commodities, cryptoassets, or a combination of assets;
  • Electronic money (e-money) token: the main purpose being use as a means of exchange and is valued by reference to a fiat currency;
  • Utility token: intended to provide digital access to a good or service, available on DLT and only accepted by the issuer.

The regulation also defines crypotasset and various roles related to them, including those of 'issuer' and 'cryptoasset services provider'.

Cryptoassets, other than asset-referenced tokens or e-money tokens

Issuers may offer and market to the public in the EU cryptoassets that are not asset-referenced tokens and e-money tokens, or seek an admission to trading on a trading platform for such cryptoassets subject to requirements that include the obligation to produce, publish and notify regulators of a 'white paper' with certain minimum content (specified in Annex 1).

Asset-referenced tokens 

For asset-referenced tokens, the regulation specifies:

  • procedure for authorisation of issuers, additional content for their white papers (specified in Annex 2) and approval of their white papers by a national regulator;
  • exemptions for small-scale tokens and those marketed, distributed and exclusively held by qualified investors;
  • obligations for issuers to act honestly, fairly and professionally in the best interest of token holders and the need for a procedure for an orderly wind-down of their activities;
  • requirements for marketing, disclosures, complaints handling and conflicts of interest;
  • minimum rights for token holders.

There are also rules for the acquisition of issuers, or changes in control.

The European Banking Authority will determine whether an asset-referenced token is 'significant', by reference to certain criteria; and will have the power to specify circumstances and thresholds to determine significance. Issuers of 'significant' tokens will need to hold minimum capital, manage liquidity and ensure interoperability.

E-money tokens

'E-money tokens' as defined in this regulation (as opposed to those loosely referred to as 'e-money tokens' because they are already interpreted as falling within the scope of the E-money Directive) may only be offered or admitted to trading on a cryptoasset trading platform if the issuer is authorised as a credit institution or an electronic money institution within the relevant existing frameworks. 

Just to confuse matters, 'E-money tokens' under this regulation will also be deemed "electronic money" under the E-money Directive (and are therefore "funds" for the purpose of the Payment Services Directive). In other words, this regulation will govern the issue and trading of 'E-money tokens', while the existing e-money/payments regulation will govern their operational use for payment purposes.

In addition, this regulation will require that:

  • holders of e-money tokens must be provided with 'a claim on the issuer' (which is not always the case with cryptoassets);
  • neither issuers nor cryptoasset service providers may grant or pay interest to holders of e-money tokens;
  • the related 'white paper' must contain certain minimum content (specified in Annex 3);
  • there are marketing requirements in relation to an offer of e-money tokens.

E-money tokens may also be classifed as 'significant', with additional obligations for issuers of such tokens, relating to the custody and investment of reserve assets, remuneration, interoperability, liquidity management, and the orderly wind-down of their activities.

Cryptoasset service providers

The European Securities and Markets Authority (ESMA) must establish a register of all cryptoasset service providers, as well as information on cryptoasset white papers notified to ESMA by national regulators.

Cryptoasset service providers will have to act honestly, fairly and professionally and comply with prudential (capital) safeguards and rules on governance, safekeeping, conflicts of interest, outsourcing and complaints handling.

There are specific requirements for custody, execution of orders, and advice; and the change of control or acquisition of cryptoasset service providers.

Market abuse

The regulation bans: 

  • 'market abuse' involving cryptoassets and includes requirements to prevent it, including the concept of inside information and its disclosure by issuers whose cryptoassets are admitted to trading on a trading platform; 
  • insider dealing;
  • the unlawful disclosure of inside information; and 
  • market manipulation.

Conclusion

This new regulation is likely to have a very significant cultural impact on the cryptoasset/DLT world, even though anti-money laundering rules have already been applied to the activities of cryptoasset exchanges and wallet providers. DLT is merely a type of technology, after all, and 'tokens' are a key feature with a wide variety of benefits according to the 'use case' or context. In particular, bringing utility tokens within the scope of what is traditionally 'financial' regulation will mean that many people and businesses that do not see themselves as financial service providers will need to factor that type of 'compliance mindset' into their management and operations - although the General Data Protection Regulation is also similarly broad in its impact on data processing generally.   Let us know if you need help in this area.