On 24 September, the European Commission published its much anticipated legislative package for cryptocurrency in the EU. The legislation will effectively legitimise cryptocurrency as a new asset class and create a pioneering legal framework for digital finance.
“By making rules safer and more digital-friendly for consumers, the Commission aims to boost responsible innovation in the EU’s financial sector, especially for highly innovative digital start-ups, while mitigating any potential risks related to investor protection, money laundering and cyber-crime,” the Commission said in a statement.
Cryptocurrency legal experts say that EU legislation is significant, fills a gap existing in most countries, and is likely to be exported as a global standard to many other jurisdictions.
“The future of finance is digital,” comments Valdis Dombrovskis, executive vice president of the Commission. “An innovative digital single market for finance will benefit Europeans and will be key to Europe’s economic recovery by offering better financial products for consumers and opening up new funding channels for companies.”
The Digital Finance Package consists of a Digital Finance Strategy, a Retail Payments Strategy, legislative proposals for an EU regulatory framework on crypto-assets, and proposals for an EU regulatory framework on digital operational resilience, according to the statement.
Part of this package will be designed as regulations, meaning that, once the Council and the EU Parliament have made any eventual amendments, and institutional voices are heard, the regulation will be obligatory for implementation in all 27 Member States.
The legislation creates the concept of “crypto-assets,” a new asset class, which it breaks down into types and regulates accordingly. The concept is taken largely from French legislation that preceded the European effort.
Crypto-assets that act effectively as securities (“security tokens”) will be under the framework of MIFID II, which is proposed for modification so that the terms are adapted to admit the new asset class.
As regards what are now called crypto-assets (officially “a digital representation of values or rights that can be stored and traded electronically,” but in practice cryptocurrencies and stablecoins), the ‘Regulation on Markets in Crypto Assets’ (MiCA) will allow operators authorised in one Member State to provide their services across the EU (“passporting”).
“Safeguards include capital requirements, custody of assets, a mandatory complaint holder procedure available to investors, and rights of the investor against the issuer. Issuers of significant asset-backed crypto-assets (so-called global ‘stablecoins’) would be subject to more stringent requirements (e.g. in terms of capital, investor rights and supervision).”
“The regulation covers an extremely wide remit with new ‘catch all’ definitions looking to ensure that nothing slips through the net,” explains Lavan Thasarathakumar head of regulatory affairs at Global Digital Finance.
Part of the proposal is the creation of the first European regulatory ‘Sandbox.’ The Sandbox is a concept created in the UK: It is a framework set up by a financial regulator that allows FinTech startups and other innovators to conduct live experiments with their applications in a controlled environment under a regulator’s supervision.
“This environment allows temporary derogations from existing rules so that regulators can gain experience on the use of distributed ledger technology in market infrastructures, while ensuring that they can deal with risks to investor protection, market integrity and financial stability. The intention is to allow companies to test and learn more about how existing rules fare in practice,” the statement says.
Along with all this, the ‘Digital Operational Resilience Act’ (DORA) is aimed to ensure that all participants in the financial system have the necessary safeguards in place to mitigate cyber-attacks and other risks. The proposed legislation will require all firms to ensure that they can withstand all types of Information and Communication Technology (ICT) – related disruptions and threats. Today’s proposal also introduces an oversight framework for ICT providers, such as cloud computing service providers.