Willem (https://twitter.com/WVandewieleW) took it upon him to update us on the legal aspects of blockchain and crypto-assets:
(1) at the EU level
a) the 2018 FinTech Action plan: https://ec.europa.eu/info/publications/180308-action-plan-fintech_en
b) the 2019 ESMA report: https://www.esma.europa.eu/system/files_force/library/esma50-157-1391_crypto_advice.pdf
c) the 2019 EBA report: https://eba.europa.eu/-/eba-reports-on-crypto-assets
(2) at the national level
a) Luxembourg
b) France
c) Italy
d) Germany
The context was the second (2019) edition of the Computational Law and Blockchain Festival (#CLBFest), Brussels' node.
20190316 - CLBFest - Blockchain & the law - Willem Van de Wiele
1. Blockchain & Law
An update
2019 Computational Law & Blockchain Festival
16 March 2019
2. Introduction
Overview of recent EU statements
Focus on some selected national initiatives
Regulatory policy approaches
New issues arising
1
3. New EU Statements
Background: EU Fintech Action Plan [2018]
Two different reports
– European Securities and Markets Authority (ESMA)
– European Banking Authority (EBA)
Relevancy of the reports
– Reports are advice, not binding regulation
– Guidance about the interpretation of the current legal framework
– Indication about possible new areas of regulation
2
5. ESMA Report – Key Considerations
Risks
• At this stage – no financial stability
issues
• Fraud
• Cyberattack
• Market integrity and market
manipulation
• Consumer protection
• Money laundering
Benefits
• Recognition that there are benefits,
but early stage nature of technology
• Tokenization, facilitating the
issuance process, enhancing liquidity
of financial assets (unlisted shares,
syndicated loans), reducing the need
for intermediaries
• Introduction of smart contracts in
order to automate the execution of
contract obligations (reducing risks
and costs)
4
6. ESMA - Legal Framework
Lack of clarity
• Need to clarify
the application
of existing
regulations
Existing regulation
not adapted
• Need to
reconsider
existing
regulations
(Perceived) gaps
in regulation
• Consider need
for new
regulations
5
7. ESMA – Legal Status of Crypto-assets
• Profit rights attached
• Without having necessarily governance rights attached
• Financial instruments
Investment type
• E.g. “voucher”
• [Howey-test?]
• No financial instruments
Utility type
• [Bitcoin]
• “Unlikely to qualify as financial instruments”
Pure payment type
crypto-assets
• Combination of different characteristics
• Assessment to be made on a case by case basisHybrid instruments
6
8. ESMA – Application Existing Framework
Wide range of EU financial regulations
Business model chosen will have impact on the concrete
application of the EU financial regulations
Lack of clarity and precedents about application of certain
regulations
Guidance likely to continue to evolve …
7
9. ESMA – Prospectus Regulation
Scope of application of the Prospectus Regulation
• Investigate possibility to rely on safe harbours
Application of Prospectus Regulation
• Prospectus Regulation follows certain « disclosure schedules »
• No specific schedules for ICOs/crypto-assets
• Concept of seeking adapated information?
8
11. ESMA - Transparency Directive
Transparency Directive
• Disclosure of accurate, comprehensive and timely
information about issuers whose securities are
admitted on regulated market
Application
• Will depend on whether certain crypto-assets will be
admitted to “regulated markets”
10
13. ESMA – MiFID II
MiFID II: regulation of financial services and activities in
relation to financial instruments
ESMA focus on the applicability of MiFID II to trading
platforms
12
14. ESMA – Trading Platforms
Platforms trading crypto-
assets with central order
book and/or matching
orders under other trading
plaforms
Regulated Markets
(managed by market
operator)
Multilateral Trading
Facilities (market
operator/investment
firm)
Organized Trading
Facilities (market
operator/investment
firm)
Operators dealing on own
account and executing
orders against their
propietary capital
Broker/dealers
providing MiFD II
services
Platforms used to
advertise buying and
selling interests, no
genuine trade execution or
arranging taking place
Bulletin boards
outside the scope of
MiFID II
13
15. ESMA – Trading Platforms
Capital requirements
•Minimum capital
requirements
Organizational
requirements
•Rules and procedures
for fair and orderly
trading
•Resilience, circuit
breakers and
electronic trading and
tick sizes
•Monitor compliance as
members
•Listing admission
(depending on type of
platform)
Market access
•Transparent and non-
discriminatory rules for
access to their
facilities
•Organizational
requirements for
members
Pre-and post trade
transparency
•Information pre- and
post-trading
Transaction reporting
and obligations to
maintain records
•Reporting on
transactions to
authorities
14
16. ESMA – Trading platforms
No clearly identified operator for decentralized platforms?
Conducting checks on individual members is time and resource intensive
and requiring these test may result in loss of advantages of
disintermediation?
Lack of consistent application of transparency requirements across member
states?
Current reporting technical standards not adapted to cryptocurrencies
15
17. ESMA – Market Abuse and Short Selling Regulation
Market Abuse Regulation
– Disclosure of inside information
– Market manipulation
Issues
– Manipulative trading activity in crypto-assets not qualifying as financial
instruments
– New abuse behaviours (information held by miners, wallet providers
16
19. ESMA – Settlement Finality (SFD) and Central Securities
Depositories Regulation (CSDR)
Securities settlement system
– formal arrangement between 3 or more participants
– with common rules and standarized arrangements
– for the clearing or execution of transfer order orders
– designated as a system by the Member State
18
20. ESMA – SFD and CSDR
Identification of a system operator and autorisation as a
Central Securities Depository
Participants in the system: only certain regulated
institutions (banks, investment firms)
Settlement periods and settlement discipline
– Delivery versus Payment and cash leg?
19
21. ESMA – CSDR – Book-entry form
Where crypto-assets qualify as transferable securities
and are trade on trading venues, their issuer shall
arrange for such securities to be represented in book-
entry form with an authorized CSD
Particular form of initial book-entry form determined by
national law, but must be with an authorized CSD
20
22. ESMA – AML
Bring in scope of AML regulations
– Providers of exchange services between crypto-assets
– Providers of financial services for ICOs
21
23. ESMA – gaps (1)
• Having control of private keys could be considered as
custody
• Technical changes to existing requirements
Custody and
safekeeping
• Greater certainty about application of these concepts
• Governance issues with permissionless DLTs
• Role of miners
Concepts of
settlement and
settlement finality
• Potential need for enhanced requirements
• Novel cybersecurity risks
Risks regarding
technology
22
24. ESMA – Gaps (2)
Dealing with situations where there is no platform
operator
Adapting pre- and post-trade transparency requirements
Reporting requirements
Study of interaction between crypto-assets and other
financial instruments
23
26. European Banking Authority
Application of current legal framework
– Electronic Money
• Token issued on the receipt of fiat currency and is pegged to that fiat currency
• Certain other specific cases
– Payment Services Directive
• Payment services in connection with a crypto-currency that qualifies as
electronic money
25
27. European Banking Authority
“Advice on need for further advice”
– No threat for financial stability
– However, following issues identified
• Crypto-assets custodian wallet provision and crypto-asset trading not regulated
• Consumer protection and market integrity
• Emergence of divergent approaches – concern about level playing field
26
28. European Banking Authority
Holistic approach
Activities based approach
Access points to traditional financial system
Coordinated international approch
Future proofing
27
31. National initiatives - France
« Loi Pacte »
– Specific French regime for ICOs
– Concerns regarding scope?
– Not yet adopted
« Ordonnance Blockchain »
30
36. Smart contracts: legal framework
• Potentially less an issue in permissioned ledgerContract formation
• Potentially less an issue in permissioned ledgersEvidence
• No possibility to cancel a contract (e.g. when questions around validity arise)
• Contracts could be programmed as impossible to breach – no efficient breach possible
• Elasticity can have a positive side
Self-enforcing nature vs. classic
contract doctrines
• General considerations are relevant herePrivacy and data protection
• Who is responsible for the code? (Governance)
• Cf. developments regardng High Frequency Trading – Code to be compliant with existing legislation and need to
monitor compliance
“Management of the code”
• Who is responsible for the code?
Liability issues around irreversible
and automatically executed contracts
35
37. Smart contracts: due diligence
New need for type of legal and technical due
diligence
• Cf. “test environments” under MiFID II (algo trading)
• Transactional/specialist lawyers, smart contract lawyers and
code lawyers
• “The lost tribe”: need to bring lawyers and coders together
Interesting new questions “spirit of the law/code”
36
38. Consortia and IP
Consider implications of the use of “open source”
software
Consider the impact of agreements within certain
consortia and the impact on intellectual property rights
(cf. Hyperledger project and licenses)
37
40. IP: Race to secure protection
“Blockchain is very intriguing for us, the technology is fascinating. It’s
very important in the intellectual property world to reserve our spot
even before we know what the commercial application may be”
(Catherine Bessant, Bank of America, WEF, 2016)
Various patents requested by different institutions (data analytics,
IOT, mobile platform, security, cloud computing, crypotocurrency)
Race to secure protection: the story of the Wright Brothers and
airplanes in the United States
39
41. RegTech: general considerations
•Financial institutions that pursue strategies not aligned with future regulatory
schemes might have to change course, perhaps at significant cost
Uncertain development
paths
•careful due diligence on every potential regtech partner to ensure their systems
are secure and protected against cyberattacks and data breachesProvider reliability
•Systems that provide regulators with greater access to data may also invite
greater scrutiny, enabling regulators to analyze such information however they
see fit
Increased regulatory
scrutiny
•At a minimum, financial institutions and regulators should build gates into their
systems that enable people to conduct checks and exercise judgment in complex
scenarios.
Limited judgment
•Any time an organization collects data about individuals, it must take steps to
ensure it does not violate privacy rules. This can be particularly difficult because
rules often vary by jurisdiction.
Privacy
40
42. Innovation: Governance and Compliance
NBB best practices
• Governance and organization
• Internal control functions
• IT systems
• Data management
• Consider risks of using fintech
41
43. Innovation: Governance and Compliance
• Develop and implement an innovation strategy
• Board members with expertise, combined with
advisory panel
• Identifable innovation function with bank
(executive board member as head of innovation
• Involve staff from different background and
functions, including compliance
• Innovation friendly culture
• Human resources strategy
Governance
and
organization
42
44. Innovation: Governance and Compliance
• Develop and implement an innovation strategy
• Board members with expertise, combined with
advisory panel
• Identifable innovation function with bank
(executive board member as head of innovation
• Involve staff from different background and
functions, including compliance
• Innovation friendly culture
• Human resources strategy
Governance
and
organization
43
45. Innovation: Governance and Compliance
• Strong involvement of independent
control functions
• Involve risk and compliance functions
at an early stage in the development of
products and services, while
maintaining their independence
• Clear policy for partnerships (start-ups
and Bigtech)
Internal
control
functions
44
46. Innovation: Governance and Compliance
• Link with legacy systems
• Consider use of cloud computing [?]
• Cybersecurity and resilience
IT systems
• Proper data management and
quality
• Swift, broad and continuous access
Data
management
45
47. Some observations to conclude
Early days - increased scrutiny
All about the model – e.g. permissioned/permissionless
Watch the status quo - impact existing regulation
46
48. Some observations to conclude
Enabling legislation – welcoming jurisdictions
Beyond financial regulation, e.g. GDPR
Beyond legal aspects e.g. governance, standard setting
47
49. Long Term Considerations
Interaction with AI
Geopolitical issues
Governance issues
Antitrust and competition law issues
“Who will control the decentralized infrastructures?”
48