Please outline the principal legislation and the regulators most relevant to the use of blockchain technologies in your jurisdiction. In particular, is there any blockchain-specific legislation or are there any blockchain-specific regulatory frameworks in your jurisdiction, either now or envisaged in the short or mid-term?
There are currently no specific regulations or legislation dealing with blockchain in Australia. The Australian Securities and Investments Commission (ASIC), Australia’s primary corporate, markets, financial services and consumer credit regulator, has reaffirmed the view that Australian legislative obligations and regulatory requirements are technology-neutral and apply irrespective of the mode of technology that is being used to provide a regulated service.
Following Ordinance n° 2016-520, of 28 April 2016, relating to cash vouchers, designated as “minibons” (a particular type of promissory note), Ordinance n° 2017-1674 of 8 December 2017 (subsequently completed by Decree n° 2018-1226 of 24 December 2018) extended to any and all unlisted securities (“titres financiers”), including in particular shares and bonds, their aptitude to be legally represented for any purposes (including for issuance and transfer purposes) by a “dispositif d’enregistrement électronique partagé” (“DEEP”, a shared electronic registration system – such as the blockchain), provided that such system “presents guarantees, in particular in terms of authentication, at least equivalent to those offered by a [(traditional)] registration in a securities account “.
More recently Law n° 2019-486 of 22 May 2019 (known as the “loi PACTE”) has created a special regulated status for certain “prestataires de services sur actifs numériques” ( “PSAN”, digital assets service providers). Any such service providers providing custody services in respect of digital assets (i.e assets other than financial instruments, which may in particular be issued, registered and transferred within a DEEP) must be licensed with the Autorité des Marchés Financiers (AMF – French Financial Markets Authority). Other service providers in this field generally benefit from an optional registration or license.
Currently, there are no specific legislations or regulatory frameworks with regard to the use of Blockchain technologies in Germany. The use of Blockchain technology is not subject to an authorisation requirement in and of itself because, first and foremost, it is simply a form of technology.
However, different configurations are possible and the Blockchain application in different areas is conceivable. Therefore, banking law may, for example, apply to the granting of loans or payment via Blockchain if digital means of payment are regarded as financial instruments within the meaning of the German Banking Act (Kreditwesengesetz, “KWG”). Antitrust law, for example, must be observed for purchasing platforms that are organized decentrally with Smart Contracts. Public authorities must also be involved, for example the BaFin (Bundesanstalt für Finanzdienstleistungsaufsicht, “BaFin”) for financial products or the Federal Network Agency (Bundesnetzagentur) for energy supplies or communication services.
As already outlined above, in September 2019 the German government developed and published a Blockchain strategy. The government’s aim is to design the legal framework in such a way that it offers sufficient investment security.
In Ireland, there is no blockchain specific legislation or blockchain specific regulatory framework, nor are there any specific proposals envisaged in the short or mid-term (subject to our comments at question 8 below in relation to the forthcoming changes to the Irish AML regime required under the 5th Anti-Money Laundering Directive (5AMLD)). However, depending on the particular use case and activities being carried out by a particular blockchain business, some or all the following Irish laws and regulations are likely to be relevant:
- European Union (Markets in Financial Instruments) Regulations 2017 (the MiFID II Regulations);
- European Union (Payment Services) Regulations 2018 (the Payment Services Regulations);
- Prospectus (Directive 2003/71/EC) Regulations 2005, as amended (the Prospectus Regulations);
- European Union (Market Abuse) Regulations 2016 (MAR);
- Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 (CJA 2010), as amended;
- European Communities (Electronic Money) Regulations 2011 (E-Money Regulations);
- European Union (Alternative Investment Fund Managers) Regulations 2013, as amended (AIFMD);
- Consumer protection laws including the Central Bank of Ireland's (CBI) Consumer Protection Code; and
- Irish e-commerce and Irish privacy law.
For the most part, the Irish laws referred to above are derived from corresponding EU-level directives and regulations.
Similarly, there is no blockchain specific regulatory authority in Ireland. However, depending again on the particular use case and the activities being carried out by the particular blockchain business, it may fall under the supervisory authority of a number of Irish regulators. For example, a blockchain business providing regulated financial services would be subject to regulation by the CBI. Similarly, a blockchain business may be subject to the authority of the Competition and Consumer Protection Commission (CCPC) if it provides services to Irish consumers, or to the authority of the Data Protection Commission (DPC), if it is involved in processing or controlling personal data relating to Irish citizens.
The increasing attention on technological developments recently led to the Italian government: (a) issuing innovative regulations governing blockchain and cryptocurrencies (among other things); and (b) establishing specific funds to support fintech developments and encourage investments in areas connected to artificial intelligence, blockchain, the internet of things and cybersecurity.
More specifically, in February 2019 the Italian legislator was one of the first in Europe to publish a law (Law No. 12/2019) introducing the definition of DLT to recognise the legal effects of electronic time stamps under Art. 41 of EU Regulation No. 910/2014 and the storage of an electronic document through a DLT.
To date, implementing technical standards setting out DLT requirements that ensure these transactions have legal effect are yet to be published (see question 7). However, the new standards mark a significant step forward in developing blockchain technology in Italy and follow Italy joining the European Blockchain Partnership Initiative in September 2018 and signing the Southern European Countries Ministerial Declaration on Distributed Ledger Technologies shortly thereafter in December 2018.
The regulators most relevant to the use of blockchain are (among others) the Ministry of Economy and Finance (MEF), Ministry of Economic Development (MiSE), the Bank of Italy (BoI), Consob, IVASS, and the Data Protection Authority, all of which are part of the newly established fintech committee (see question 5).
No blockchain-specific regulatory framework currently exists in Japan, nor is such regulatory framework anticipated in the near future. Accordingly, blockchain or related businesses and services will be regulated under existing laws or regulations, depending on the legal characteristic of the token minted on a blockchain or the substance of such services.
For example, if the tokens minted on a blockchain (“Blockchain-minted Tokens”) fall within the definition of “Crypto Asset” under the PSA, then a business operator who purchases or sells such tokens in the course of its business will be regulated as a Crypto Asset exchange service provider (“Exchange Provider”).
(i) a person who sells, purchases or handles the public offering of Blockchain-minted Tokens that fall within the definition of “securities” under the FIEA must be registered as a Type I Financial Instruments Business Operator;
(ii) an issuer of Blockchain-minted Tokens that are pegged to fiat currencies (such as the JPY or USD) (“Stable Coin”), or an affiliate of such issuer, who guarantees the redemption of such Stable Coins in fiat currencies may be required to undergo licensing as a fund remittance business operator (“FRBO”) under the PSA , or as a Bank under the Banking Act; and
(iii) a business operator who handles the personal information of its users may be subject to the Act on the Protection of Personal Information (“APPI”).
On the regulatory front, the Tokens & Trusted Technologies Law, or TTTL, which will regulate certain business projects based on ‘trusted technologies’ such as distributed ledger technology, of which the blockchain technology is the most prominent use case will come into force 2020/01/01.
Through this regulation, the government is aiming to support and monitor through balanced regulation that creates legal certainty; ensuring assistance while also avoiding uncontrollable growth. This legal certainty is reached by creating a transfer regime applicable to token transactions analogous to the system of the law of property and its transfer of rights in rem. Ultimately, the TTTL is targeted at creating a friendly regulatory environment for entrepreneurs and consumers alike.
Adapting pre-existing legislation, the TTTL avoids pigeonhole definitions by remaining technologically neutral. For example, as opposed to breaking down tokens into pre-existing classifications such as utility or security, the law defines a token as information on a TT system, that can represent rights, which are assigned to a TT identification tool. In other words, this definition makes it clear that a token can embody a right to something, such as property, which is already defined in the pre-existing legal framework; or, a token can embody a right to nothing, in the physical sense, which is not defined within the pre-existing legal framework.
TT systems are transaction systems, which ensure secure transmission and retention of tokens by use of trusted technologies. These technologies ensure the integrity of tokens, association of tokens with their TT identifier (eg. public key) and the user’s disposal of tokens on TT systems.
This need for a technologically neutral definition led to the coinage of what we like to call the “Token Container Model,” or TCM. This model described how any right may be tokenized, stating that the respective token will serve as a technical container holding the right represented therein. Within this framework, a token serves as a container with the ability to hold rights of all kinds, whether that be the right to something underlying – examples including real estate, stocks, bonds, and gold; or the right to nothing underlying – encompassing digital code, the most notable example being Bitcoin. Consequently, this progressive model provides legal certainty surrounding the rights to digital information on blockchain based systems.
Further defining elements of the token economy, the TTTL puts forth various roles and requirements such as the following:
- TT Identifier: A unique identifier enabling allocation of tokens (e.g. a public key).
- TT Key: A key enabling disposal of tokens (e.g. a private key).
- Basic Information: A requirement to put forth basic information on tokens offered to the public, allowing a user to develop an informed opinion in regards to the rights and risks associated with the tokens, as well as the rights and risks related to the involved TT Service providers.
- TT Service Provider: A person or entity carrying out functions within a token economy.
- Token Issuer: A person or entity offering tokens to the public on its own behalf or that of another person or entity
- Token Generator: A person or entity generating tokens.
- TT Key Holder: A person or entity acting as a custodian, holding the keys on behalf of the principal.
- TT Token Depositary: A person or entity who holds tokens on behalf of another person or on another person or entity’s account.
- Physical Validator: A person or entity who ensures the existence and enforcement of contractually obligatory rights to property represented on a TT system – in the sense of property law.
- TT Protector: A person or entity holding tokens in their own name on a TT system for the benefit of a 3rd party.
- TT Exchange Service Provider: a person or entity who exchanges fiat (legal tender) for tokens (or vice versa), as well as tokens for other tokens.
- TT Verifier: A person who verifies the legal capacity and requirements for token disposal.
- TT Price Service Provider: A person or entity providing TT system users with aggregated price information based on buy and sell offers or completed transactions.
- TT Identity Service Provider: A person who identifies the person authorized to dispose of a token on a TT system, and enters or registers this person in a directory.
Not only providing basic definitions, the intuition of this law is witnessed by the creation of roles such as that of the physical validator. Recognizing that these decentralized systems are operating in a world traditionally subject to centralized and regulated intermediaries, this particular role provides licensed intermediaries with an opportunity to assist with bridging the gap between the online and offline worlds. This is accomplished by the physical validator ensuring that the physical object and associated rights to be tokenized on the TT system actually exist.
Furthermore, the law provides guidelines in the event that a user holding a token embodying a right loses access to their token, such as the loss of a private key, highlighting the existence of court proceedings for proof of ownership, as well as prescribing mechanisms for the burning of tokens that are rendered invalid.
At its core, the TTTL is focused on adapting pre-existing laws to foster legal certainty within a token economy, including adaptations of the Liechtenstein Persons and Companies Act, Trade Act, Due Diligence Act, and Financial Market Authority Act.
Dutch legislation is technology-neutral as matter of principle. No blockchain-specific legislation is in place. Blockchain applications are popping up across a wide, diverse range of sectors and industries, and in each case different regulations may apply and different regulators may be involved, depending on the specific application.
In many blockchain applications, privacy (Data Protection Authority; "AP") and competition (Netherlands Authority for Consumers and Markets; "ACM") regulators play a role. However, in the financial sector, the regulators are the Dutch Central Bank ("DNB") and the Dutch Authority for the Financial Markets ("AFM"). Other sectors (for example, healthcare, food, and transport), all have their own regulators.
At present there is no separate law in Russia regulating the use of blockchain technologies. However, in 2019 the State Duma (the lower chamber of the Russian Parliament) adopted the amendments to the Civil Code related to the “digital rights” concept. These amendments came into force in October 2019. The most important changes are:
- Digital rights are now understood as a special type of right that are determined (including, inter alia, their scope and conditions) by a special information system. The execution, transfer, pledge, and other actions with such rights are possible inside the information system only.
- Improvement of the rules of the Civil Code concerning the form of transactions. Written form of a transaction will be considered completed if a transaction is committed by electronic or other technical means (e.g.: by pressing “ok” or “agree” on a webpage). However, there is a certain limitation: it is necessary to determine exactly the person who expressed his will. That means, that an electronic contract will be considered as concluded if a preliminary authentication of the parties is done. Furthermore, this type of contract should always presume a possibility to reproduce its content completely in an original (usually printed) form.
- A new type of contract concerning rendering services on granting information was included in the Civil Code. These provisions are legalizing the collection and processing of significant amounts of depersonalized information (Big Data) and prescribe, that such agreement may contain an obligation of one or both parties not to disclose to third parties the information received or analysed within the frames of this contacts.
There is no existing blockchain-specific legislation or regulatory framework in Korea. The Korean regulatory authorities have not provided clear insight on the classification of cryptocurrencies under Korean law. However, the Financial Supervisory Service (the “FSS”) issued a press release on June 23, 2017 clarifying that from a Korean financial regulatory perspective cryptocurrencies are not considered (i) fiat currencies, (ii) prepaid electronic means or electronic currencies or (iii) financial investment instruments. Unfortunately, the FSS’ press release does not provide any guidance on how cryptocurrencies are classified and in what legal form.
On the other hand, by ruling on May 30, 2018 that cryptocurrencies can be confiscated as criminal proceeds, the Supreme Court of Korea recognized cryptocurrency as legal property. The FSS announcement and the Supreme Court ruling are both too narrow in scope to clarify how cryptocurrencies will be classified in any subsequent cryptocurrency laws or regulations in Korea.
There are no blockchain technology specific regulations as to this date, and as far as we are aware, there is no such legislation envisaged in the short or mid-term either. This is of course one of the main challenges with blockchain technology. It is a novel technology which in many ways does not fit in with the current legal framework, and the absence of new legislation specifically addressing it creates a legal vacuum. This means one often has to use the existing legal framework and force blockchain to fit within that framework, which of course is not ideal.
In our view, the principal supervisory authorities likely to make inroads in the blockchain space are the Swedish Financial Supervisory Authority (the “SFSA”) and the Swedish Data Protection Agency.
There are currently no laws specifically addressing the use of blockchain technology in Switzerland. The Swiss financial regulatory framework, in particular, is generally principle-based and technology-neutral, eschewing overly prescriptive or detailed rules. This has been perceived as conducive to innovation in the financial sector while at the same time creating a level playing field between traditional players and (potential) disruptors. On this basis, for all intents and purposes, blockchain-based financial services businesses have to comply with the same rules and regulations as brick-and-mortar or online institutions that do not make use of this technology. Depending on the specifics of a particular business model, in particular, Swiss regulation on banking, securities, AML, collective investment schemes, insurance, consumer credit or financial market infrastructures may apply. Furthermore, Swiss data protection legislation must be observed.
That said, with the development of the blockchain industry, certain shortcomings of the existing legal framework have become apparent, e.g. the civil law requirement for a written instrument to effect a valid transfer and assignment of claims (see question 14) or the general concept of anti-money laundering regulation attaching to financial intermediation activities where the technological development aims at reducing dependency on intermediaries. To address some of these concerns, certain blockchain-specific legislation is currently being prepared at the federal level (see further questions 5 to 7).
The main regulator in the Swiss financial market is the Swiss Financial Market Supervisory Authority FINMA, with certain regulatory and supervisory activities being exercised by recognised self-regulatory organisations (SRO). Some of the regulations issued by self-regulatory organisations have been recognised by FINMA as minimum standards (e.g. in the area of money laundering prevention).
There is yet no blockchain-specific legislation in Uganda. The closest principal legislations that might be considered remotely relevant are the Electronic Transactions Act, 2011 to the extent that it deals with digital transactions generally, and the Electronic Signatures Act, 2011. But these laws do not specifically describe blockchain or digital ledger technology the way laws elsewhere have.
The Electronic Transactions Act in particular defines digital signatures to mean a transformation of a message using asymmetric cryptosystem. The Act further defines the use of “private keys” and “public infrastructure keys,” and provides for attributes that may be considered relevant to the use of blockchain technology. To the extent that a blockchain is a public and private key database, this statute is worthy of note. However, this statute is very technology descriptive. At its core, the statute anticipates the creation of a central authority to oversee a public key infrastructure that need not be built on the blockchain. In addition, that this kind of centrality is exactly what blockchain aims to distribute, thus the entire system can effectively replaced by a blockchain, the risks of hacking this central authority would in fact justify the use of blockchain. Moreover, given the ever-changing nature of the blockchain industry, even if this law were to be stretched in its applicability, it would soon be obsolete. The law also does not deal with some of the most pertinent issues in the industry, some of which have enlisted the cautionary approach discussed elsewhere in this article.
A National Payment Systems Bill is currently before Cabinet for consideration. Although the law is not designed like other Digital Ledger or blockchain legislation elsewhere, should this bill pass into law in its current form, it would require that all persons who are moving value on blockchain platforms be licensed by the central bank.
There have been public pronouncements including some from the Ministry of Finance and the Central Bank expressing support for blockchain technology but urging caution on cryptocurrency. Stakeholder engagements are ongoing with various regulators including the central bank, the Capital Markets Authority, Financial Intelligence Authority, Uganda Free Zones Authority. All these regulators are under the political and technical oversight of the Ministry of Finance. Such engagements have included the Africa Blockchain Conference 2018 and 2019, and a workshop on Cryptocurrency and the Law hosted by the Central Bank on October 10, 2019.
There is also a National Taskforce on the 4th Industrial Revolution that has a working group on Governance issues and their work may recommend relevant legislation. Given these developments, some form of legislation or regulation is therefore expected in the short to midterm.
There is no blockchain-specific legislation or regulatory framework in the UK. Recent statements from UK regulators signal, however, that this may be subject to change in the future. It would, however, be incorrect to assume that applications of blockchain are currently outside the scope of existing legal and regulatory regimes. There are several touch points where—depending on the precise nature of the application—existing frameworks will be engaged.
An immediate example of such a touch point is the fifth Money Laundering Directive as implemented in the UK (“MLD5”). This explicitly references the blockchain architecture surrounding cryptocurrencies, bringing virtual currency exchange platforms and custodian wallet providers within the scope of anti-money laundering regulation such that they will be required to implement anti-money laundering (“AML”) and counter terrorist financing (“CTF”) policies, controls and procedures, and will be subject to reporting requirements.
Other areas of UK law, which are technology neutral but which may be engaged by a blockchain application, include data protection, property law, tax, insolvency law, privacy law, payment services and e-money regulations, intellectual property law, and rules regarding financial promotions (which may be engaged on an Initial Coin Offering or “ICO”). Applications of blockchain technologies may also fall within the perimeter of investments and activities regulated by the FCA and the Prudential Regulation Authority (“PRA”). For example, in April 2018 the FCA confirmed that cryptocurrency derivatives are capable of being financial instruments under the Markets in Financial Instruments Directive II (“MiFID II”) and so it is likely that dealing in, arranging transactions in, advising or providing other similar services in relation to derivatives that reference either cryptocurrencies or tokens issued through an ICO will require authorisation from the FCA. The FCA has, moreover, recently confirmed that certain types of cryptoassets will fall within its regulatory regime (discussed in further detail at question 6 below). Notably, cryptocurrencies such as Bitcoin currently remain outside of the regulatory perimeter.
Casting forwards, there are signs that the UK’s legal and regulatory regimes may be expanded to embrace a broader range of blockchain applications in the near future. The UK is in a somewhat transitional phase as the legislature seeks to establish legal principles from which to approach blockchain technologies. Most significantly in this area, the UK Jurisdiction Taskforce (“UKJT”)—a body which brings together the Judiciary, the Law Commission of England and Wales as well as technology and legal professionals—published on 18 November 2019 a legal statement which seeks to provide answers to critical legal questions as regards the status of cryptoassets and smart contracts under English and Welsh private law. This includes consideration of: (i) the ability of cryptoassets to be characterised as personal property; and (ii) the circumstances in which a smart contract is capable of giving rise to binding legal obligations. This legal statement may provide the foundation for further evolution of the UK’s legislative approach to blockchain technologies.
In addition, Her Majesty’s Treasury (“HMT”) is currently considering: (i) bringing further cryptoasset service providers within the scope of the UK AML and CTF regime; and (ii) examining whether the regulatory perimeter needs to be expanded to include more categories of (currently unregulated) cryptoassets. Historically, both the FCA and PRA have taken a “technology neutral” approach to regulation, meaning the use of new technology alone has not affected how they make judgements, but this may be subject to change following HMT’s review. Moreover, the FCA has recently consulted on rules to ban the sale, marketing and distribution of derivatives and exchange traded notes that reference certain types of unregulated, transferable cryptoassets to all retail clients by firms in, or from the UK (FCA Consultation Paper 19/22 (“CP19/22”)). The outcome of this consultation is expected in Q1 2020.
Blockchain is not unheard of at the state or federal level in the US despite the minimal to non-existent formal rulemaking, but there is no comprehensive set of legislation to govern such technologies. There is a general acknowledgment that blockchain technology is an important part of the US’s objective to remain at the forefront of innovation; however, similar to the reach of the technology, the legal questions remain widespread and ill-defined. The concerns are both industry-specific and application-specific, thus affecting a broad spectrum of the legal framework, ranging from tax law, securities law, intellectual property law, consumer protection/data privacy law, sales and banking regulations, advertising law as well as estate planning, and various cross-border implications of the borderless technology. However, across all these fields, the US’s approach thus far is “wait-and-see” with the impact of any legislation or regulation being heavily considered in part due to a lack of full understanding of the technology and in part due to the effects on innovation such regulation could result in. This hesitation is reflected at the federal level, with the main attention to blockchain coming from the administrative and agency level, with a focus on the financial industry and crypto assets. Rather than issuing express regulations, warnings and guidelines have been the preferred method of intervention. At the state level, legislatures are more active, mainly in the cryptocurrency sphere (see question 8) but these range from outright hostility to the technology to blanket exemptions from applicable rules. The US generally prefers case-by-case enforcement on specific applications of blockchain technologies (see question 18); however, there have been active attempts to put blockchain bills in front of the Senate. In February 2019, the Blockchain Promotion Act was reintroduced for the second time and approved in July. This bill established a blockchain working group within the Department of Commerce, which will be working over the next year to provide a formal definition of blockchain that is able to keep abreast with the fast evolution of the technologies and application of blockchain, which would be another step in the direction of enabling coherent legislation. In April, another blockchain-related bill was introduced, the Token Taxonomy Act, which could clarify the status of certain cryptocurrency activities.
There is no legislation specifically governing the use of blockchain technologies in Singapore. However, Singapore’s upcoming Payment Services Act (No. 2 of 2019) (“PS Act”) which regulates service providers in sectors where use of blockchain technology is prevalent is of significant relevance. Also, relevant is the proposed securities market regulation regime described in the RMO Consultation (as defined below).
Aside from these proposed regulatory frameworks, existing legislation and regulations have been or are also either being expanded or clarified to address blockchain-related aspects. For example, with many blockchain protocols or applications involving the use of digital representations of rights (most commonly in the form of digital tokens), MAS has clarified that offers or issuances of such digital tokens will be regulated if such digital tokens are capital markets products under the existing Securities and Futures Act of Singapore (Chapter 289) (“SFA”). In this regard, the MAS published and subsequently updated a guide entitled “A Guide to Digital Token Offerings” (“MAS Guide”), which aims to provide general guidance on the application of the SFA and other relevant laws administered by the MAS in relation to offers or issuances of digital tokens in Singapore including offering illustrations on digital token features that would result in such digital tokens being regulated.
Blockchain industry associations such as the Association of Cryptocurrency Enterprises and Start-ups Singapore (“ACCESS”) has also promoted self-regulation. ACCESS had launched its industry-driven Standardisation of Practice In Crypto Entities (“SPICE”) initiative which promotes, amongst others, best practices to strengthen regulatory compliance for the digital asset industry. In furtherance of the SPICE initiative which is facilitated by the MAS and developed in consultation with the Association of Banks in Singapore, ACCESS released in August 2019 a draft code of practice aimed at complementing Singapore’s PS Act by proposing a standardised set of best practices to tackle anti-money laundering and countering the financing of terrorism (“AML/CFT”) and know-your-customer compliance, as well as other key issues relevant to crypto-asset and blockchain companies.
The PS Act, which is anticipated to come into force in early 2020, streamlines the regulation of payment services within a single activity-based legislation. Under the PS Act, any entity providing account issuance, domestic money transfers, cross border money transfers, merchant acquisition, e-money issuance, digital payment token, or money-changing services in Singapore will need a payment services licence unless exempted.
Under the PS Act, a “digital payment token” is defined as, “ … any digital representation of value (other than an excluded digital representation of value) that — (a) is expressed as a unit; (b) is not denominated in any currency, and is not pegged by its issuer to any currency; (c) is, or is intended to be, a medium of exchange accepted by the public, or a section of the public, as payment for goods or services or for the discharge of a debt; (d) can be transferred, stored or traded electronically; and (e) satisfies such other characteristics as the [MAS] may prescribe”. The PS Act defines “e‑money” as “… any electronically stored monetary value that — (a) is denominated in any currency, or pegged by its issuer to any currency; (b) has been paid for in advance to enable the making of payment transactions through the use of a payment account; (c) is accepted by a person other than its issuer; and (d) represents a claim on its issuer”.
In particular, blockchain operators providing an e-money issuance service and/or digital payment token service such as digital token exchanges will have to be licensed and will need to comply with the various AML/CFT regulations and may in certain situations, need to set up cybersecurity procedures to reduce technological and cyber risks. Apart from digital token exchange, the PS Act would also be of relevance and applicable to sector players such as stablecoin issuers and digital token OTC providers.
Securities Market Regulation
MAS has clarified that a digital token exchange operating a market or facility for the exchange of digital tokens which are capital markets products will generally have to be approved as an approved exchange or recognised as a recognised market operator (“RMO”) by the MAS pursuant to the SFA. In this regard, the MAS recently sought feedback regarding the RMO regime with its publication of the consultation paper entitled “Review of the Recognised Market Operators Regime” (“RMO Consultation”) on 22 May 2018 – please see our response to question 6 below for a further discussion.
There is currently no blockchain-specific legislation or regulatory frameworks in Hong Kong. However, blockchain and DLT technology will invariably engage existing legal and regulatory regimes to some extent, depending on the particular technology in question.
In the Fintech space, the ‘Whitepaper 2.0 on Distributed Ledger Technology’ published by the HKMA on 25 October 2017 (the “Second DLT Whitepaper”) identified 7 broad legal issues arising from the use of DLT, namely: (i) legal basis (validity and enforceability); (ii) data protection and privacy (accessibility, immutability and cross-border considerations); (iii) cross-border and localisation issues (cross-border data flow, legal enforceability and localisation law); (iv) smart contracts (legal basis and effects); (v) liability (governance model and liability of participants); (vi) competition / anti-trust laws (fair competition and anti-trust practice); and (vii) legal issues in specific applications (asset management, mortgages / e-conveyancing, trade finance and digital ID management).
On 27 March 2019, the HKMA granted the first 3 virtual banking licences for Hong Kong (and have subsequently issued a number of further virtual bank licences). From a legal/regulatory perspective virtual banks are subject to the same set of supervisory requirements applicable to conventional banks (albeit that some of these supervisory requirements are adapted to suit the business models of virtual banks under a risk-based and technology-neutral approach).
On 20 December 2018, the IA granted the first virtual insurance company licence under its Fast Track pilot scheme for applications for authorizations of new insurers owning and operating solely digital distribution channels. However, like virtual banks, virtual insurers are subject to the same set of supervisory requirements applicable to conventional insurers (including solvency, capital, and local asset requirements).
As noted in the response to question 2 above, the SFC has issued a number of statements and circulars concerning cryptocurrencies and other virtual assets (see the responses to questions 8-15 below for further detail). These include the statement and circular issued on 1 November 2018, setting out a new regulatory approach for virtual assets. The new measures aim to regulate the management and distribution of virtual asset funds so that investors’ interests are protected at either the fund management level or distribution level or both. The measures do not, however, amend the law or the definitions of “securities” or “futures contracts”. Instead they clarify existing requirements and impose new requirements primarily in the form of licensing conditions on intermediaries. The statement also set out details of a conceptual framework to explore the regulation of virtual asset trading platform operators, which was followed by the publication on 6 November 2019 of a position paper setting out a new regulatory framework for virtual asset trading platforms.