Cryptoassets: financial regulation

The law has come a long way since. Let’s examine some of the general trends.

There appear to be two main techniques in regulating the cryptoindustry. One is to introduce new and dedicated rules and another is to adapt existing law through the judiciary and guidelines. Within the first category falls Malta with its Virtual Financial Assets Act 2018. Within the second category, the European Union, United Kingdom and United States fall. Those states have generally continued with the existing legislation; however, taking the European Union as example – it has recently passed a dedicated regulation to cover cryptoassets. We could assume that the trend of, first, regulatory adaption, and second, dedicated intervention will be taken up elsewhere.

The authorities generally did not take the view that all cryptoassets must fall withing the regulatory perimeter. Thus, cryptoassets were divided into various categories. Typically, distinctions are made along the following lines: (i) security tokens; (ii) exchange tokens; (iii) e-money tokens; and (iv) utility tokens.

Security tokens are those cryptoassets which have characteristics of traditional securities, such as shares. For example, in the European Union, the term “security tokens” includes transferrable securities (as those are defined in the Markets in Financial Instruments Regulation II). If a security token purports to entitle its holders to profits from an enterprise (even without enterprise ownership or governance rights), it is likely to be a transferrable security / security token.

A key consideration for security tokens is that typically before those can be offered to the public, a detailed document – eg, a prospectus – must be prepared and published. Accordingly, security token ICOs typically require a prospectus.

It is intended that a prospectus gives potential investors sufficient data on the issuer and the investment so as to take an informed decision. A prospectus can be a costly and cumbersome exercise and in the EU we are aware of only Hydrominer H2O publishing one.

There are exceptions, where the issuer may offer security tokens to the public without a prospectus, but to qualify for those exceptions the issuer must comply with certain restrictive conditions: such as accepting only certain categories of investor (those who are professional in finance market or high net worth), addressing the offers only to a small group of persons, or limiting the amount raised.

Certain other requirements apply in connection with security tokens. For example, if security tokens are publicly traded, regulations may prohibit certain types of action, such as insider dealing and market manipulation.

Another category of token likely to fall within the regulatory perimeter is e-money tokens. The category is typically defined to include tokens issued in exchange for a fiat currency and which are also accepted by parties other than just the issuer (by way of illustration of what the category intends to cover, we could say that PayPal is an arrangement of a similar nature). Issuers of e-money tokens often need to be authorised or registered.

Exchange tokens are those tokens which are used (intended to be used) in ways similar to traditional fiat money. Bitcoin is the most prominent example of an exchange token. Utility tokens are those are tokens which can be exchanged (used to acquire) goods or services. An example of a utility token would be an “in-game currency”.

It is important to note that in the European Union a new regulatory regime will start to apply to the cryptoindustry shortly. This will be introduced by the Markets in Crypto-Asset Regulation (MiCA). From mid-2024, it will apply to the issuance of asset-referencing and e-money tokens; and from late 2024, it will also apply to cryptoasset services.

The regulatory perimeter outlined above largely draws on the European Union / United Kingdom view of the crypto issuance market. By way of comparison, in Dubai, under the Virtual Asset Law 2022, a wide range of activities relating to “virtual assets” and “virtual tokens” is brought under the regulatory umbrella of the Dubai Virtual Asset Regulatory Authority. In practice one would have to look at Schedule 1 (VA Activities) of the VARA Regulations 2023 for the list of activities that require VARA’s authorisation. Those regulated activities, for example, include advisory services and custody services for all virtual assets. In theory, this probably means that the regulated perimeter today in Dubai is wider than that of the European Union (in practice, it may not necessarily be so, since most of the regulated activities will only be relevant to security tokens). However, when the relevant part of MiCA enters into force, arguably there will more congruence between the Dubai and the European approaches. Of course, Dubai is only one jurisdiction in the United Arab Emirates, and, for example, the Abu-Dhabi Global Market and the DIFC have their own regulatory approaches.

In the United States the treatment of cryptoassets at federal law does not seem to be completely settled. On the one hand, it appears that most cryptoassets are regulated as investment contracts by reason of “their value appreciation creat[ing] an expectation of profit by investors”. However, cryptoassets, which are already trading and which do not at present do not involve the pooling of efforts for a common enterprise (such as Bitcoin) are not regulated as investment contracts. Of course, in addition to the federal regulations, one might need to consider state regulation, too. Thus, from 2015 New York rules cover certain cryptoactivities when this involves New York state residents and a ‘BitLicense’ issued by the NY authorities will be required to undertake such activities.