Willem (https://twitter.com/WVandewieleW) took it upon him to update us on the legal aspects of blockchain and crypto-assets: (1) at the EU level a) the 2018 FinTech Action plan: https://ec.europa.eu/info/publications/180308-action-plan-fintech_en b) the 2019 ESMA report: https://www.esma.europa.eu/system/files_force/library/esma50-157-1391_crypto_advice.pdf c) the 2019 EBA report: https://eba.europa.eu/-/eba-reports-on-crypto-assets (2) at the national level a) Luxembourg b) France c) Italy d) Germany The context was the second (2019) edition of the Computational Law and Blockchain Festival (#CLBFest), Brussels' node.

1. Blockchain & Law
An update
2019 Computational Law & Blockchain Festival
16 March 2019

2. Introduction
 Overview of recent EU statements
 Focus on some selected national initiatives
 Regulatory policy approaches
 New issues arising
1

3. New EU Statements
 Background: EU Fintech Action Plan [2018]
 Two different reports
– European Securities and Markets Authority (ESMA)
– European Banking Authority (EBA)
 Relevancy of the reports
– Reports are advice, not binding regulation
– Guidance about the interpretation of the current legal framework
– Indication about possible new areas of regulation
2

4. 3

5. ESMA Report – Key Considerations
Risks
• At this stage – no financial stability
issues
• Fraud
• Cyberattack
• Market integrity and market
manipulation
• Consumer protection
• Money laundering
Benefits
• Recognition that there are benefits,
but early stage nature of technology
• Tokenization, facilitating the
issuance process, enhancing liquidity
of financial assets (unlisted shares,
syndicated loans), reducing the need
for intermediaries
• Introduction of smart contracts in
order to automate the execution of
contract obligations (reducing risks
and costs)
4

6. ESMA - Legal Framework
Lack of clarity
• Need to clarify
the application
of existing
regulations
Existing regulation
not adapted
• Need to
reconsider
existing
regulations
(Perceived) gaps
in regulation
• Consider need
for new
regulations
5

7. ESMA – Legal Status of Crypto-assets
• Profit rights attached
• Without having necessarily governance rights attached
• Financial instruments
Investment type
• E.g. “voucher”
• [Howey-test?]
• No financial instruments
Utility type
• [Bitcoin]
• “Unlikely to qualify as financial instruments”
Pure payment type
crypto-assets
• Combination of different characteristics
• Assessment to be made on a case by case basisHybrid instruments
6

8. ESMA – Application Existing Framework
 Wide range of EU financial regulations
 Business model chosen will have impact on the concrete
application of the EU financial regulations
 Lack of clarity and precedents about application of certain
regulations
 Guidance likely to continue to evolve …
7

9. ESMA – Prospectus Regulation
Scope of application of the Prospectus Regulation
• Investigate possibility to rely on safe harbours
Application of Prospectus Regulation
• Prospectus Regulation follows certain « disclosure schedules »
• No specific schedules for ICOs/crypto-assets
• Concept of seeking adapated information?
8

10. Prospectus (Example Belgium)
9

11. ESMA - Transparency Directive
Transparency Directive
• Disclosure of accurate, comprehensive and timely
information about issuers whose securities are
admitted on regulated market
Application
• Will depend on whether certain crypto-assets will be
admitted to “regulated markets”
10

12. 11

13. ESMA – MiFID II
 MiFID II: regulation of financial services and activities in
relation to financial instruments
 ESMA focus on the applicability of MiFID II to trading
platforms
12

14. ESMA – Trading Platforms
Platforms trading crypto-
assets with central order
book and/or matching
orders under other trading
plaforms
Regulated Markets
(managed by market
operator)
Multilateral Trading
Facilities (market
operator/investment
firm)
Organized Trading
Facilities (market
operator/investment
firm)
Operators dealing on own
account and executing
orders against their
propietary capital
Broker/dealers
providing MiFD II
services
Platforms used to
advertise buying and
selling interests, no
genuine trade execution or
arranging taking place
Bulletin boards
outside the scope of
MiFID II
13

15. ESMA – Trading Platforms
Capital requirements
•Minimum capital
requirements
Organizational
requirements
•Rules and procedures
for fair and orderly
trading
•Resilience, circuit
breakers and
electronic trading and
tick sizes
•Monitor compliance as
members
•Listing admission
(depending on type of
platform)
Market access
•Transparent and non-
discriminatory rules for
access to their
facilities
•Organizational
requirements for
members
Pre-and post trade
transparency
•Information pre- and
post-trading
Transaction reporting
and obligations to
maintain records
•Reporting on
transactions to
authorities
14

16. ESMA – Trading platforms
 No clearly identified operator for decentralized platforms?
 Conducting checks on individual members is time and resource intensive
and requiring these test may result in loss of advantages of
disintermediation?
 Lack of consistent application of transparency requirements across member
states?
 Current reporting technical standards not adapted to cryptocurrencies
15

17. ESMA – Market Abuse and Short Selling Regulation
 Market Abuse Regulation
– Disclosure of inside information
– Market manipulation
 Issues
– Manipulative trading activity in crypto-assets not qualifying as financial
instruments
– New abuse behaviours (information held by miners, wallet providers
16

18. 17

19. ESMA – Settlement Finality (SFD) and Central Securities
Depositories Regulation (CSDR)
 Securities settlement system
– formal arrangement between 3 or more participants
– with common rules and standarized arrangements
– for the clearing or execution of transfer order orders
– designated as a system by the Member State
18

20. ESMA – SFD and CSDR
 Identification of a system operator and autorisation as a
Central Securities Depository
 Participants in the system: only certain regulated
institutions (banks, investment firms)
 Settlement periods and settlement discipline
– Delivery versus Payment and cash leg?
19

21. ESMA – CSDR – Book-entry form
 Where crypto-assets qualify as transferable securities
and are trade on trading venues, their issuer shall
arrange for such securities to be represented in book-
entry form with an authorized CSD
 Particular form of initial book-entry form determined by
national law, but must be with an authorized CSD
20

22. ESMA – AML
 Bring in scope of AML regulations
– Providers of exchange services between crypto-assets
– Providers of financial services for ICOs
21

23. ESMA – gaps (1)
• Having control of private keys could be considered as
custody
• Technical changes to existing requirements
Custody and
safekeeping
• Greater certainty about application of these concepts
• Governance issues with permissionless DLTs
• Role of miners
Concepts of
settlement and
settlement finality
• Potential need for enhanced requirements
• Novel cybersecurity risks
Risks regarding
technology
22

24. ESMA – Gaps (2)
 Dealing with situations where there is no platform
operator
 Adapting pre- and post-trade transparency requirements
 Reporting requirements
 Study of interaction between crypto-assets and other
financial instruments
23

25. ESMA – Non-financial crypto
 2 options
– Bespoke Regime?
– Do nothing?
24

26. European Banking Authority
 Application of current legal framework
– Electronic Money
• Token issued on the receipt of fiat currency and is pegged to that fiat currency
• Certain other specific cases
– Payment Services Directive
• Payment services in connection with a crypto-currency that qualifies as
electronic money
25

27. European Banking Authority
 “Advice on need for further advice”
– No threat for financial stability
– However, following issues identified
• Crypto-assets custodian wallet provision and crypto-asset trading not regulated
• Consumer protection and market integrity
• Emergence of divergent approaches – concern about level playing field
26

28. European Banking Authority
 Holistic approach
 Activities based approach
 Access points to traditional financial system
 Coordinated international approch
 Future proofing
27

29. National initiatives - Luxembourg
28

30. 29

31. National initiatives - France
 « Loi Pacte »
– Specific French regime for ICOs
– Concerns regarding scope?
– Not yet adopted
 « Ordonnance Blockchain »
30

32. 31

33. National initiatives - Italy
32

34. National initiatives - Germany
 German Blockchain Action Plan
 Ongoing consultation
33

35. 34

36. Smart contracts: legal framework
• Potentially less an issue in permissioned ledgerContract formation
• Potentially less an issue in permissioned ledgersEvidence
• No possibility to cancel a contract (e.g. when questions around validity arise)
• Contracts could be programmed as impossible to breach – no efficient breach possible
• Elasticity can have a positive side
Self-enforcing nature vs. classic
contract doctrines
• General considerations are relevant herePrivacy and data protection
• Who is responsible for the code? (Governance)
• Cf. developments regardng High Frequency Trading – Code to be compliant with existing legislation and need to
monitor compliance
“Management of the code”
• Who is responsible for the code?
Liability issues around irreversible
and automatically executed contracts
35

37. Smart contracts: due diligence
New need for type of legal and technical due
diligence
• Cf. “test environments” under MiFID II (algo trading)
• Transactional/specialist lawyers, smart contract lawyers and
code lawyers
• “The lost tribe”: need to bring lawyers and coders together
Interesting new questions “spirit of the law/code”
36

38. Consortia and IP
 Consider implications of the use of “open source”
software
 Consider the impact of agreements within certain
consortia and the impact on intellectual property rights
(cf. Hyperledger project and licenses)
37

39. 38

40. IP: Race to secure protection
 “Blockchain is very intriguing for us, the technology is fascinating. It’s
very important in the intellectual property world to reserve our spot
even before we know what the commercial application may be”
(Catherine Bessant, Bank of America, WEF, 2016)
 Various patents requested by different institutions (data analytics,
IOT, mobile platform, security, cloud computing, crypotocurrency)
 Race to secure protection: the story of the Wright Brothers and
airplanes in the United States
39

41. RegTech: general considerations
•Financial institutions that pursue strategies not aligned with future regulatory
schemes might have to change course, perhaps at significant cost
Uncertain development
paths
•careful due diligence on every potential regtech partner to ensure their systems
are secure and protected against cyberattacks and data breachesProvider reliability
•Systems that provide regulators with greater access to data may also invite
greater scrutiny, enabling regulators to analyze such information however they
see fit
Increased regulatory
scrutiny
•At a minimum, financial institutions and regulators should build gates into their
systems that enable people to conduct checks and exercise judgment in complex
scenarios.
Limited judgment
•Any time an organization collects data about individuals, it must take steps to
ensure it does not violate privacy rules. This can be particularly difficult because
rules often vary by jurisdiction.
Privacy
40

42. Innovation: Governance and Compliance
NBB best practices
• Governance and organization
• Internal control functions
• IT systems
• Data management
• Consider risks of using fintech
41

43. Innovation: Governance and Compliance
• Develop and implement an innovation strategy
• Board members with expertise, combined with
advisory panel
• Identifable innovation function with bank
(executive board member as head of innovation
• Involve staff from different background and
functions, including compliance
• Innovation friendly culture
• Human resources strategy
Governance
and
organization
42

44. Innovation: Governance and Compliance
• Develop and implement an innovation strategy
• Board members with expertise, combined with
advisory panel
• Identifable innovation function with bank
(executive board member as head of innovation
• Involve staff from different background and
functions, including compliance
• Innovation friendly culture
• Human resources strategy
Governance
and
organization
43

45. Innovation: Governance and Compliance
• Strong involvement of independent
control functions
• Involve risk and compliance functions
at an early stage in the development of
products and services, while
maintaining their independence
• Clear policy for partnerships (start-ups
and Bigtech)
Internal
control
functions
44

46. Innovation: Governance and Compliance
• Link with legacy systems
• Consider use of cloud computing [?]
• Cybersecurity and resilience
IT systems
• Proper data management and
quality
• Swift, broad and continuous access
Data
management
45

47. Some observations to conclude
 Early days - increased scrutiny
 All about the model – e.g. permissioned/permissionless
 Watch the status quo - impact existing regulation
46

48. Some observations to conclude
 Enabling legislation – welcoming jurisdictions
 Beyond financial regulation, e.g. GDPR
 Beyond legal aspects e.g. governance, standard setting
47

49. Long Term Considerations
 Interaction with AI
 Geopolitical issues
 Governance issues
 Antitrust and competition law issues
 “Who will control the decentralized infrastructures?”
48

50. Contact details
Willem.vandewiele@whitecase.com
Twitter @WVandeWieleW
Tel. +32 2 239 25 75
49