Basel Committee finalises global standard on prudential treatment of cryptoassets

Following a second consultation last summer, the Basel Committee on Banking Supervision (BCBS) has now finalised its prudential standard on cryptoasset exposures. Some key concessions have been made, notably in relation to the proposed infrastructure risk add-on for Group 1 cryptoassets. However, the final framework remains conservative, particularly in relation to unbacked cryptoassets, which is perhaps no surprise given recent events. Member governments have committed to national implementation by 1 January 2025.

A new global standard

Just as many of us started to wind down for the festive period, the BCBS released its final standard on the prudential treatment of cryptoasset exposures. Once implemented, this will have direct implications for a broad range of digital asset arrangements entered into by banks across the globe. It could also influence prudential requirements for other types of institution. 

The standard has been a long time coming, and follows two in-depth consultations, as summarised in our recent webinar and blogpost. However, the timing has turned out to be particularly apt, falling amid the so-called “crypto winter”. Recent events in the crypto sector have strongly fuelled debate around the need for further regulation and global standards, including to limit potential contagion effects and financial stability risks, as prudential regulation is designed to do. 

Notable concessions

The BCBS has made a few significant changes in response to industry feedback.

Most notably, its proposed capital add-on for DLT infrastructure risks will no longer apply by default. The Committee had previously suggested that tokenised traditional assets and stablecoins, in each case which met the onerous classification conditions for (preferential) “Group 1” treatment, should automatically be subject to an additional fixed 2.5% infrastructure capital add-on, due to their use of novel technologies. This prompted strong industry pushback, in particular to the prospect of creating an uneven playing field and undermining the economic viability of innovations designed to improve efficiencies and reduce risks in the financial markets. 

The final standard retains the ability for authorities to impose an infrastructure risk add-on for specific projects, based on observed weaknesses. However, the reversal of the presumption of additional risk as well as the increased flexibility for national authorities will generally be seen as a big win for financial market innovators.

Another notable relaxation relates to the quantitative test that stablecoins must meet in order to qualify for Group 1. The second consultation proposed a two-part test, covering redemption risk (i.e. the risk of the asset reserve falling short of the amount needed to meet redemption requests) and basis risk (i.e. the risk of the stablecoin’s market value falling relative to the asset by reference to which it is stabilised). The final standard has dropped the basis risk element. However, this has gone hand in hand with a new requirement for the stablecoin to be issued by a prudentially regulated entity, as well as some bolstering of the redemption risk test.

Remaining challenges

Notwithstanding the concessions, the framework remains highly conservative, both in relation to the treatment of Group 2 cryptoassets, i.e. all those that do not meet the classification conditions for Group 1, and in relation to the strictness of the classification conditions for Group 1. 

Regarding Group 2, the punitive 1250% risk weight continues to apply, subject to modification for cryptoassets that meet the hedging recognition criteria proposed in the last consultation. There also remains a tight cap on aggregate exposures to Group 2 cryptoassets. This continues to be set at 1% of Tier 1 capital, although some favourable measures have been introduced:

  • to ensure banks that take steps to hedge exposures are not penalised under the limit (with exposures now measured as the higher of the gross long and gross short position in each cryptoasset, rather than the aggregate of the absolute values of long and short exposures, as previously proposed); and 
  • to mitigate the cliff effects of exceeding this 1% threshold (with Group 2b capital treatment applying only to the amount by which the limit is exceeded, rather than to all Group 2 exposures, provided that a higher threshold of 2% is not exceeded). 

Tough standards in relation to unbacked cryptoassets are perhaps not surprising in light of recent events. However, it remains to be seen precisely what impact this will have on banks considering entering the crypto markets, including in relation to those Group 2 cryptoassets that will benefit from hedging recognition.

In relation to the classification conditions for Group 1, the BCBS has helpfully removed the requirement for satisfaction of these conditions to be pre-approved by a regulatory supervisor. However, the conditions themselves remain complex and onerous and are likely to rule out certain deployments and business models, as we have previously discussed.  In particular, the BCBS has acknowledged that public DLT arrangements will struggle to meet the conditions and, more generally, it is unclear how strictly the classification conditions will be interpreted.

Next steps

The final standard will soon be incorporated into the consolidated Basel Framework. 

Authorities from BCBS members have agreed to implement the standard by 1 January 2025. The BCBS standard is a minimum standard so there is likely to be some degree of divergence in implementation.

The BCBS plans to monitor implementation and issue additional refinements over time. It has flagged up front that it will, in particular, be considering:

  • the introduction of new quantitative tests to distinguish stablecoins suitable for Group 1 qualification;
  • whether deployments on permissionless blockchains should be capable of qualifying for Group 1 treatment (the current standard appears to rule these out on a blanket basis);
  • whether Group 1b cryptoassets (i.e. stablecoins) should be capable of qualifying as eligible collateral for credit risk mitigation purposes (the current standard reserves this status for Group 1a, i.e. tokenised traditional assets);
  • the criteria and application of hedging recognition criteria for Group 2 cryptoassets; and
  • the thresholds in relation to the exposure limit on Group 2 cryptoassets,

all of which could have significant implications going forward.

EU plans to push banks to provide instant payment services

Infrastructure enabling instant account-to-account payments has existed for several years but consumers and banks in the EU have been relatively slow to pick it up. The European Commission has proposed changing the law to spur a more radical shift. The plans involve requiring nearly all banks to provide affordable instant payment services to their EU customers.

How does the EU regulate payments?

Cashless or electronic payments are regulated through a variety of laws in the EU. These include PSD2, which places various obligations on payment service providers (PSPs), and a regulation on cross-border payments, which limits the charges that can be imposed on cross-border euro-payments.

Another important piece of law is the regulation on the Single Euro Payments Area. The SEPA Regulation creates and harmonises standards for cross-border and domestic payments in euro, categorised as “credit transfers” and “direct debits”. Credit transfers, which are also known as wire transfers, credit a payee’s account upon a payer’s instruction to its payment service provider. In contrast, direct debits are initiated by a payee on behalf of the payer (e.g. automatic monthly deductions for an online subscription).

The European Commission classifies instant payments as a subset of credit transfers. These are payments that, among other attributes, are available round-the-clock and ensure the receipt of funds within 10 seconds of a payment order.

In its proposal for a regulation, the Commission now seeks to develop the SEPA Regulation to mandate the provision of “instant credit transfers” in euro.

What changes are proposed?

The legislative proposal puts new obligations on payment service providers relating to instant credit transfers. These are intended to apply in addition to the general requirements for credit transfers under the SEPA Regulation. They include the following.

Mandatory instant payments

EU PSPs offering credit transfers will have to offer instant credit transfers to customers in the EU and EEA.

E-money and payment institutions are exempt from this obligation. However, this position may be revised if they are given access to certain payment systems under the EU Settlement Finality Directive. In the meantime, any e-money and payment institution which chooses to offer instant credit transfers must comply with the requirements described below.

PSPs that offer instant credit transfers, either by mandate or choice, will have to ensure that the service:

  • is available on the same user interface as the one that provides non-instant credit transfers;
  • is reachable every day and at all times; and 
  • conducts verification and settlement immediately.

Affordable charges

PSPs will not be able to charge for instant credit transfers more than they do for non-instant credit transfers.

To allow PSPs located in countries with a non-euro domestic currency to comply with this requirement, the Commission proposes an exception to the regulation on cross-border payments. Specifically, the charge for a cross-border instant credit transfer will not need to be the same as that for a domestic instant credit transfer if doing so would result in a higher charge than allowed by the latest legislative proposal.

Security checks

PSPs offering instant credit transfers will have to match the payee’s name against their unique identifier (such as an IBAN) immediately after these details are entered by the payer.

If there is a discrepancy between the payee’s name and the unique identifier, the payer will have to be notified and warned before authorising the transfer. PSPs can potentially charge for this service.

Sanctions screening

PSPs remain bound by all existing sanctions screening requirements. However, to maintain instantaneity, PSPs will not need to screen instant payments on a transaction-by-transaction basis. Instead, PSPs will have to identify if any of their customers are subject to EU sanctions at least once a day, as well as immediately upon a new person being designated as a sanctioned person in the EU.

If a PSP fails to conduct appropriate (daily) screening and executes an instant credit transfer involving a sanctioned person, it will be liable to the other PSP involved in the transaction for financial damage resulting from penalties.

Why are instant payments being mandated?

The Commission foresees various benefits to a wider adoption of instant payments. Real time payments mean that funds do not remain locked in the financial system but become immediately available to end users to spend or invest. More generally, European supervisors have expressed concerns about increased reliance on largely American-dominated card schemes and Big Tech payment solutions and a need to promote the “strategic autonomy” of the EU. Instant payments may help the development of alternative homegrown and pan-European payment solutions.

The uptake of instant payments in the euro has been slow. According to the Commission, this is down to factors such as high prices and security concerns. The Commission therefore sees coordinated policy compelling the adoption of instant payments as the way forward. This also addresses the risk of market fragmentation within the EU posed by varying national regulatory frameworks.

What next?

The European Council and Parliament are considering the Commission’s proposal. They are expected to focus on aspects such as the definition of instant credit transfer, the cap on charges for instant payments and the liability of PSPs for checking unique identifiers. The Commission’s proposal was originally released in autumn 2022 and the ordinary legislative procedure typically takes around 18 months which means that there should be time to agree and pass the law before the end of the current parliamentary session in 2024.

Once passed, the requirements will be introduced in a phased manner, depending on the location of the PSP. For PSPs in the euro area, the requirements are expected to kick in from end-2024, i.e. 6 months after the new rules are expected to enter into force. For PSPs outside the euro area, the requirements will not start applying until a year after entry into force. Though the UK is still a member of the SEPA, these proposed amendments to the SEPA Regulation will not automatically apply in the UK.

Mandating and regulating instant payments forms one of several initiatives in the pipeline per the Commission’s retail payments strategy. A comprehensive review of PSD2 is underway, which will account for changes introduced by this proposal and extend consumer protection measures to instant payment customers. The Commission hopes that this and complementary projects for open finance and digital euro will help “future proof” the EU payments landscape.

With thanks to Oorvi Mehta for writing this post.

The legal outlook for global fintech – 2023

We are pleased to launch our Fintech Legal Outlook 2023 which explores the key legal and regulatory developments we expect to see in the fintech space over the coming year.  

Disruptive forces are shaping the outlook for 2023

Macro market headwinds are impacting the sector and the crypto winter is leading to increased regulatory activism globally, and galvanising efforts for bespoke regulation for cryptoassets. New forms of digital assets are emerging as digital financial and payments infrastructure develops, meanwhile increasing financial crime is impacting DeFi and crypto. Developing regulation in the digital economy is increasing the compliance challenge and ESG is acting in some cases as a problem, and in others a solution.

Nevertheless, there is still plenty of interest in the digital assets space from established financial institutions and other corporates who are increasingly accessing fintech ideas and technology via strategic investments, collaborations and partnerships. 

Read more in our review which covers the full breadth of the fintech legal spectrum and looks across 19 jurisdictions in Asia, the EU, Latin America, the UK and U.S.

Regional outlooks and global trends

Visit our FLO23 landing page:

  • for our video on the global, Asia, EU, UK and US outlooks
  • for an interactive map with links to our 19 individual outlooks
  • to read more on the 7 global trends we have identified for 2023
  • to view key global fintech contacts
  • to download the publication itself.

Follow up

Please reach out to any of us, or to any to the contacts listed on our landing page if you would like to hear more on the topics covered in our Fintech Legal Outlook 2023, or for more on our general fintech offering.

FSB suggests framework for international coordination on regulating crypto

As different countries take different approaches to how they police cryptoassets, there have been calls for more international coordination on crypto regulation. The Financial Stability Board – a global financial markets standard-setter – has now proposed a framework aimed at greater consistency between emerging crypto regimes. The FSB is inviting feedback on its proposals by 15 December 2022.

Concerns around cryptoassets and financial stability

In the overview to its proposals, the FSB observes that the turmoil experienced in the cryptoasset markets earlier this year has highlighted a number of structural vulnerabilities, exposing:

  • inappropriate business models,
  • significant liquidity and maturity mismatches, 
  • extensive use of leverage, and
  • a high degree of interconnectedness within crypto markets.

It considers that all of these vulnerabilities were amplified by: 

  • a lack of transparency,
  • poor governance,
  • inadequate consumer and investor protection, and
  • weaknesses in risk management.

The FSB concludes that – for now – there has been limited spillover into established financial markets due to relatively low interconnectedness with the wider financial system but warns that this could “change rapidly” as cryptoasset markets recover. In essence, given the speed with which crypto markets are evolving, there is a real possibility that crypto markets could reach a point where they influence global financial stability.

Issues with the current regulatory landscape

The FSB considers that cryptoassets are “predominantly used for speculative purposes” and that many remain non-compliant with or outside the scope of existing regulation. Whether existing financial regulation applies depends on a case-by-case assessment of whether the relevant assets and activities are regulated under each jurisdiction’s laws. The result for cross-border cryptoasset activities is a global patchwork of regulatory frameworks which is becoming more complex as crypto-specific regimes are being developed.

A design for crypto regulation – key takeaways

To help guide consistency between those emerging regimes, the FSB has issued a framework for the regulation of cryptoasset activities for public consultation. Once finalised, this will be delivered to the G20 Finance Ministers and Central Bank Governors and is intended as guidance for national regulators to follow.

In summary, the FSB recommends that national regimes should:

  1. Empower regulators to oversee cryptoasset activities and markets, including crypto issuers and service providers
  2. Regulate crypto issuers and service providers in a way which is proportionate to the (potential) financial stability risk they pose
  3. Facilitate information-sharing between regulators
  4. Expect crypto issuers and service providers to have comprehensive governance frameworks in place with clear lines of responsibility
  5. Require crypto service providers to have effective risk management frameworks and require issuers to address financial stability risks in their relevant markets
  6. Allow for regulatory reporting of relevant data
  7. Impose disclosure requirements on crypto issuers and service providers
  8. Monitor risks arising from interconnections both within the cryptoasset ecosystem and between the crypto ecosystem and the wider financial system
  9. Address risks associated with the combination of functions in a single entity, including requirements to separate certain functions and activities

Some points to note are:

  • The FSB does not prescribe how these recommendations should be implemented. In some cases the aims may be achieved through the extension of existing regulation to cryptoassets; in others crypto-specific guidance or regulation may be required.
  • The proposals are based on the principle of “same activity, same risk, same regulation”. In other words, (unregulated) cryptoassets performing an equivalent economic function to (regulated) financial instruments should be subject to equivalent rules.
  • The recommendations apply very broadly to all cryptoasset activities, issuers and service providers that may pose risks to financial stability. This could present a challenge for countries which have so far chosen not to follow the EU’s approach in pursuing a comprehensive regulatory structure for a wide range of cryptoassets.
  • The aim is for regulators to provide effective guardrails around cryptoassets and markets, providing for adequate transparency, accountability, market integrity, investor and consumer protections and AML/CFT defences across the cryptoasset ecosystem.
  • The recommendations support rules being imposed on crypto issuers and service providers to, for example, require them to act honestly and fairly with stakeholders, comply with prudential and market conduct standards, and establish effective contingency arrangements and business continuity plans. The recommendations also envisage segregation requirements to make sure that customer assets are safeguarded.
  • Many providers offer a wider range of crypto services – such as trading, custody, settlement and lending – from a single entity. The combination of multiple functions in a single provider complicates the provider’s risk profile and introduces conflicts of interest. The FSB suggests regulation could require certain functions and activities to be kept separate.
  • The FSB considers that more rigorous regulatory standards should apply to cryptoassets, such as stablecoins, that could be widely used as a means of payments and/or store of value because they could pose significant risks to financial stability.

An update on global stablecoin arrangements

As well as presenting a general framework for regulating crypto, the FSB is also consulting on changes to its recommendations for supervising global stablecoin arrangements. The revisions are a response to recent market and policy developments. The recommendations represent a higher level of regulatory standard for this category of cryptoasset.

Among the changes, the FSB proposes extending the scope of its recommendations to include stablecoins with the potential to become global stablecoins. The revised recommendations also suggest regulators require global stablecoin arrangements to prepare for run scenarios by having comprehensive liquidity risk management practices and contingency funding plans in place.

The most significant changes relate to stabilisation mechanisms. Many stablecoins in today’s market rely on algorithmic protocols and/or arbitrage activities to maintain a stable value. In the wake of the Terra/Luna collapse, the FSB has concluded that relying on algorithms or arbitrage is not an effective stabilisation mechanism. Its revised recommendations call on national regulators to impose robust requirements for the composition of reserve assets, “consisting only of conservative, high quality and highly liquid assets”. Few existing stablecoins would meet this standard.

As well as changes to stabilisation mechanisms, the FSB also calls for improvements to governance, risk management, redemption rights and disclosures relating to global stablecoin arrangements.

Next steps

Feedback on the consultations is requested by 15 December 2022. The FSB then expects to finalise its recommendations by mid-2023. Given that the FSB reports to the G20 nations, any suggestions it makes can be expected to influence the approach being taken by national policymakers and so could have a real impact on crypto market participants. The FSB plans to review progress made on implementing its final recommendations before the end of 2025.

One area which is not covered in detail in these papers is the role of decentralised finance. An annex on DeFi suggests that DeFi protocols purport to rely on decentralised governance but that in practice governance is often concentrated in the hands of the protocol development team and/or a small group of related stakeholders. The FSB says that it will consider in 2023 whether additional policy work focusing on DeFi is needed.

MiCAR in the making: EU passes milestone on road to crypto regulation

Two years since the draft text was first released, the EU’s flagship Markets in Cryptoassets Regulation has now been finalised and is set to become law. The rules will impact crypto issuers and service providers not only in the EU but around the world, thanks to its extraterritorial effect. Several important aspects will only start to apply after a transitional period, meaning it could take several years before the full impact of MiCAR is felt.

The vision

In September 2020 the European Commission first put forward draft legislation aimed at harmonising the EU’s regulation of cryptoassets. Now, after two years of negotiations between the European Parliament, Council and Commission, the EU’s agreed compromise on MiCAR has arrived.

MiCAR aims to build a single pan-European crypto market by replacing the national regimes that have started to emerge and boosting consumer confidence in compliant crypto. A passporting regime will allow authorised crypto service providers to do business across the EU as part of its single market for digital finance. It also seeks to mitigate risks arising from market abuse and rein in cryptoassets which could have a detrimental effect on financial stability or monetary sovereignty.

The regulation is a keystone of the EU’s Digital Finance Strategy, alongside the EU’s digital operational resilience act (DORA) and DLT pilot regime, and reflects a broader trend as the EU revamps its regulation of the digital economy. Its arrival comes as the international Financial Stability Board opens a consultation on what an effective crypto regulatory framework should look like.

Many market participants will welcome a greater degree of legal clarity, despite the additional regulatory burden that MiCAR ushers in. The hope is also that bringing more legitimacy to crypto markets should lead to more institutional investment and growth. However, some important legal questions remain outstanding and much of the legal framework, in the form of detailed technical standards, is still to be developed. 

Two years on, what has changed?

Scope – what?

The definition of “cryptoassets” remains very broad. Cryptoassets that have the characteristics of a financial instrument and which are therefore already regulated under the existing securities regulatory framework are carved out of scope.

Since MiCAR was first published, interest in non-fungible tokens has increased, which has led to some suggestion they could fall within the regime. In the end, truly “non-fungible” tokens will generally fall outside the scope of the MiCAR framework on the basis that they are not interchangeable and so not the subject of liquid markets. However, fractional parts of an NFT will not be considered “non-fungible”, nor will the issuance of NFTs in a large series or collection.

Under MiCAR, in-scope cryptoassets will be categorised according to their perceived risk as one of:

  • EMTs: e-money tokens, which are broadly stablecoins pegged to one official currency
  • ARTs: asset-referenced tokens, which are broadly stablecoins pegged to more than one official currency or other assets
  • Other: cryptoassets which are not EMTs or ARTs and so are subject to lighter-touch requirements.

Previously the definition of ART referred to specific asset-classes (commodities, cryptoassets and baskets of currencies). Now the concept of an ART has been broadened to cover all cryptoassets, other than EMTs, that aim at maintaining a stable value by reference to any value or rights.

Another area of interest is DeFi. Services provided in a “fully decentralised manner” should not be in the scope of MiCAR (which sidesteps tricky questions about how to regulate DeFi systems in practice). However, MiCAR will apply to intermediaries that perform their services as part of wider DeFi arrangements. For example, if a cryptoasset is issued to the public on a decentralised basis, the operator of the trading platform must produce the white paper for the cryptoasset. Exactly how MiCAR will apply to particular decentralised arrangements will need to be considered on a case-by-case basis.

Scope – who?

The final version of MiCAR applies to both issuers of cryptoassets offering their products into the EU and cryptoasset service providers (CASPs). CASPs must seek authorisation to offer their services in the EU. Having a crypto licence means applying rules on, for example, conduct, capital and safeguarding, as well as service-specific requirements.

The list of cryptoasset services has been extended since the original draft. Alongside activities such as crypto custody and exchange of cryptoassets (see our previous blogpost), the following will also be regulated under MiCAR:

  • providing transfer services for cryptoassets on behalf of third parties
  • providing portfolio management on cryptoassets.

Notably, all CASPs are now required to have their “place of effective management” (i.e. the place where the key management and commercial decisions that are necessary for the conduct of business are taken) in the EU and at least one of the directors must reside in the EU.

The revised version of MiCAR also includes a new concept of a “significant CASP”. CASPs must monitor the number of their users. A CASP with 15m or more active users in the EU is considered “significant” and must notify its regulator and provide it with certain information.

Enhanced requirements for issuers and service providers

The negotiations on MiCAR have led to various requirements for both issuers and service providers being tightened.

Most significantly, new caps on volume have been introduced for ARTs and EMTs used as means of exchange in order to address monetary sovereignty concerns. Where these tokens are used as means of exchange (as opposed to objects of investment, for example) and the volume of transactions reaches certain thresholds (more than a million transactions per day valued at, at least, EUR200m), the issuer must stop issuing the tokens and present a plan to make sure that the number and value remains below the caps. This has raised particular concerns that certain prominent USD-denominated stablecoins could effectively be banned in the EU.

MiCAR also now requires ART issuers to provide a right of redemption to the holders which can be exercised at any time. Previously, this redemption right only applied to EMTs. As expected (see our blogpost: European Parliament pushes for sustainability disclosures in crypto market), the final version of MiCAR introduces ESG disclosure obligations. These have been included to encourage a move away from energy-intensive proof-of-work consensus mechanisms. ESG disclosures are required in white papers and on CASP websites, with European Supervisory Authorities tasked with developing further standards.

Other changes – custodians and oversight

There has been an important development for crypto custodians. The original draft suggested custodians could be liable for the loss of a cryptoasset or means of access to the cryptoasset even if this happened on-chain and outside the custodian’s control. MiCAR now limits this to incidents attributable to the custodian, although the burden is on the custodian to show that the loss happened independently of its services and operations. Their liability is also capped at the market value of the cryptoasset lost at the time the loss occurred.

The European Central Bank and central banks gain additional powers to oversee, and intervene in, crypto markets. For example, the ECB may require a regulator to refuse, withdraw or limit an authorisation to issue ARTs.

What happens next?

The text is due to be formally adopted in the coming months. It is expected to enter into force early in 2023 but not start to apply until 2024. Generally MiCAR will apply from 18 months after entry into force although the rules for stablecoins (i.e. ARTs and EMTs) will start to apply after 12 months.

The impact on existing crypto businesses could be delayed further thanks to transitional regimes. For example, CASPs which are in operation before MiCAR takes effect may continue to provide their services in accordance with national law for an additional 18 months after the rules start to apply. Where necessary, this will allow them time to apply for a licence under MiCAR’s authorisation regime.

Also over the next couple of years several sets of technical rules and guidance will be developed by the European Supervisory Authorities. For example, the European Securities and Markets Association will develop guidelines on the criteria and conditions for cryptoassets (including NFTs) to qualify as financial instruments.

Finally, MiCAR also requires certain EU authorities to deliver an interim review on the application of MiCAR within two years and a full report within four years. This will include assessing whether the regulatory treatment for NFTs and DeFi is adequate. Given the pace of change in the sector, these papers will likely lay the groundwork for a MiCAR 2.0.

While the EU implements MiCAR, other jurisdictions around the world are looking to introduce or enhance their own frameworks for regulating crypto. To promote consistency between these regimes, the FSB has proposed recommendations for the regulation of cryptoasset activities. Its consultation closes on 15 December 2022.

New Bill lays foundations for future UK cryptoasset regulation

The race is on to regulate crypto. Last month the EU announced that its regulation on markets in cryptoassets had been agreed in principle. Now the UK has unveiled its own legislation for rolling out the government’s “staged and proportionate” approach to regulating cryptoassets. However, the impact for market participants will only become clear once more detailed rules are released in due course.

Defining digital settlement assets

The Financial Services and Markets Bill proposes reforms to the regulation of the UK financial sector. The reforms include handing power to the Treasury to create new digital asset regulatory regimes and bring certain cryptoassets within the scope of, and modify, existing regulatory frameworks.

These powers hang on the definition of “digital settlement asset”. A new concept in UK law, it is taken to mean a digital representation of value or rights, whether or not cryptographically secured, that:

  • can be used for the settlement of payment obligations, 
  • can be transferred, stored or traded electronically, and
  • uses technology supporting the recording or storage of data (which may include distributed ledger technology).

The definition mirrors in part the “cryptoasset” definition proposed by the EU’s MiCA Regulation but, unlike the EU’s proposed term, emphasises that such assets must be able to be used for the settlement of payment obligations, thereby potentially excluding those cryptoassets used for investment purposes only.

The term “stablecoin” does not appear in the Bill but it is expected that the government will use this definition of digital settlement asset, which encompasses a range of technologies and structures, to put into action its plans to regulate stablecoins used as a means of payment.

The Bill further permits Treasury to amend the definition of digital settlement asset, thereby allowing Treasury to expand the perimeter of their regulatory powers to other types of cryptoassets. The rationale is that this enables Treasury to potentially extend the regulatory net to other cryptoassets used for investment purposes, which is expected to be the subject of a consultation paper later this year.

A digital settlement asset regulatory regime

Under the Bill, the Treasury is granted a sweeping range of powers to create a regulatory regime around digital settlement assets. These powers include:

  • amending legislation to regulate payments that include digital settlement assets, 
  • amending legislation to regulate payment systems that include arrangements using digital settlement assets, as well as their service providers, 
  • making insolvency arrangements in relation to those payment systems.

Certain legislative changes proposed by Treasury will require the consent of Parliament, but in all cases will avoid the need for a new Act. A further power contained in the Bill allows Treasury, if necessary, to provide for any regulations implementing any of the above without delay, which should enable the Treasury to react quickly to DLT and cryptoasset innovations.

Expanding the perimeter of e-money and payments legislation

In addition to empowering Treasury to develop new regulations, the Bill also allows for digital settlement assets to be brought within scope of existing e-money and payments legislation.

Through amendments to the Financial Services (Banking Reform) Act 2013, a payment system using digital settlement assets may be designated as a regulated payment system by Treasury, which will bring such payment system under the remit of the Payments Systems Regulator. The PSR will then have powers to issue directions, influence system rules, conduct investigations and so on, with the primary aim of ensuring that the relevant DSA-based payment systems are subject to appropriate economic and competition regulation.

The unique characteristics of stablecoins and other cryptoassets means that they may fall outside the UK’s electronic money regime. To the UK government, this omission conflicts with the principle of “same risk, same regulation”. It is envisaged, therefore, that the broad powers afforded to Treasury in respect of digital settlement assets will also enable Treasury to establish an FCA authorisation and supervision regime of digital settlement assets drawing on existing electronic money and payments regulation.

Digital settlement assets are not definitively brought within scope of the UK’s e-money regime under this Bill, but Treasury would have the power to apply such e-money rules to digital settlement assets in future.

Managing systemic stablecoin risk

The Bill also responds to concerns about the systemic risk some stablecoin arrangements may pose.

Part 5 of the Banking Act 2009 is extended to include payment systems using digital settlement assets and digital settlement asset service providers (which includes firms that provide services to a payment system chain, such as safeguarding, stablecoin creation or issuance, and exchange providers). To the extent that the Treasury considers a DSA payment system or service provider as likely to threaten the stability of or confidence in the UK financial system, or have serious consequences for business or other interests throughout the UK, the Treasury may specify the DSA payment system or service provider as a recognised entity. The Bank of England will then oversee those entities and will be able to, for instance, issue principles and codes of practice, give directions and take enforcement action.

The Treasury is also empowered to bring digital settlement assets within scope of the Financial Markets Infrastructure Special Administration Regime (FMI SAR), with appropriate modifications. The FMI SAR is a bespoke administration regime currently applicable to payment systems that allows an administrator to pursue an objective of service continuity if a payment system fails, even if this is not in the best interests of creditors. The Treasury has indicated that it plans to amend the FMI SAR so it can be effectively applied to digital settlement assets.

Next steps

The second reading of the Bill is scheduled to take place in September and royal assent is expected in early 2023. However, as described above, the Bill does not itself set crypto regulation. The Treasury will follow up with more detail on the intended use of its new powers to create the regulatory framework, with the Bank of England and the FCA consulting on the specifics of the relevant rules. In the meantime, the Treasury plans to consult later in the year on how it might extend the regulatory perimeter to a broader pool of cryptoassets.

Read our note for more on the Financial Services and Markets Bill.

UK proposes “light touch” approach for regulating artificial intelligence

Like an elephant, the essence of AI is difficult to put into words, but you know it when you see it.* This poses a challenge for policymakers looking to use regulation to support the safe development of artificial intelligence. In a new policy paper, the UK Government chooses not to pin down what AI means and emphasises the flexibility of its approach. But the EU’s first-mover proposal for an AI-specific Act may end up setting the global standard.

Pro-innovation regulation

In its policy paper, the Department of Digital, Culture, Media and Sport has put forward a “pro-innovation” vision for the future regulation of artificial intelligence. The paper sets out the building blocks of a cross-sectoral regulatory framework.

As the paper points out, the UK does not have laws written explicitly to regulate AI. This means that businesses rolling out AI systems must make sure they fit within existing legal and regulatory regimes. For example, the Information Commissioner’s Office (ICO) has taken action against Clearview for its facial recognition tech and has promised to investigate concerns over the use of algorithms to sift recruitment applications. See also our note on how AI in financial services is regulated in the UK.

The lack of AI-specific regulation may, however, lead to confusion and hinder innovation. Respondents to a 2019 survey of financial institutions suggested that additional guidance on how AI fits within existing rules could encourage more firms to adopt AI.

To steer consistency across different industries, the DCMS intends to set cross-sectoral principles tailored to AI and ask regulators to contextualise these for the sectors they oversee.

Principles and guidance, not rules

The DCMS has produced six guiding principles for regulators to consider when overseeing the use of AI in their sector. These are:

  1. Ensure that AI is used safely
  2. Ensure that AI is technically secure and functions as designed
  3. Make sure that AI is appropriately transparent and explainable
  4. Embed considerations of fairness into AI
  5. Define legal persons’ responsibility for AI governance
  6. Clarify routes to redress or contestability

DCMS does not expect these principles necessarily to translate into new obligations. Instead, it plans to encourage regulators to consider lighter touch options in the first instance, such as guidance or voluntary measures. Regulators are told to adopt a proportionate and risk-based approach focusing on high-risk concerns.

This flexible approach is likely to be applauded but by choosing not to regulate in this area it could be that the EU’s stricter rules become the de facto standard for AI regulation.

EU divergence

Unlike the EU, the UK is not preparing to introduce AI-specific legislation. Instead, the DCMS suggests that responsibility should be delegated to regulators for designing and implementing proportionate regulatory responses.

The European Commission’s bold proposal for an AI Act aims to regulate AI systems across the EU according to the level of risk they present. The draft legislation seeks to ban AI systems that present unacceptable risks, impose strict requirements on those considered to be high risk (such as systems used to evaluate credit risk or provide credit scores), and potentially subject lower risk systems to transparency requirements.

The EU’s regime could bring about sweeping changes, requiring businesses to assess the riskiness of their AI systems and comply with the relevant obligations. Failing to meet the requirements for high-risk AI systems could lead to fines of up to EUR 30 million or 6% of global turnover, whichever is greater. Read more in our blogpost on what the EU is doing to foster human-centric AI.

Another distinction between the EU and UK is the approach to defining AI. Whereas the EU AI Act includes a very broad definition, the DCMS policy paper chooses not to define AI. Instead, it notes core characteristics of AI technology which existing regulation may not be fully suited to address.

These characteristics are:

  • Adaptiveness ie the logic behind an output can be hard to explain
  • Autonomy ie the ability to make decisions without express intent or human involvement

It is the combination of these characteristics that demand a bespoke regulatory response for AI. By focusing on these core characteristics, the DCMS argues that a detailed universally applicable definition of AI is not needed.

The DCMS acknowledges that its proposals diverge from the vision of AI regulation set out by the EU but argues that the EU’s approach of setting a “relatively fixed definition” in legislation would not be right for the UK because it does not capture the full application of AI and its regulatory implications.

Next steps for AI in financial services

The DCMS emphasises the importance of ongoing collaboration between UK regulators in the digital space including via the Digital Regulation Cooperation Forum, which includes the Financial Conduct Authority.

As well as contributing to the DRCF, the FCA has been working closely with the Bank of England on AI, for example via the AI Public Private Forum. The results of a follow-up to the 2019 FCA-Bank of England survey on how machine learning is used in the financial services sector are expected later this year. The regulators also plan to open a discussion paper in 2022 which will aim to clarify the current regulatory framework and how it applies to AI.

For its part, the DCMS says that it is still at the early stages of considering how best to put its approach into practice but will set out further details in a white paper and consultation later this year. Its current thinking is to put the cross-sectorial principles on a non-statutory footing but the DCMS does not rule out the need for legislation as part of the delivery and implementation of the principles, for example to update regulators’ powers.

The DCMS invites views on its policy paper by 26 September 2022.

For more on the outlook for AI regulation, read our Tech Legal Outlook mid-year update and our 2021 report on AI in financial services.

*“There are some words or expressions which are like an elephant; its essence is difficult to put into words, but you know it when you see it.”
Blackbushe Airport Ltd v Hampshire County Council, R (On the Application of) & Ors [2021] EWCA Civ 398

BCBS consults on draft standards for the prudential treatment of cryptoasset exposures

Following an initial consultation last summer, the Basel Committee on Banking Supervision (BCBS) has published draft international standards for the prudential treatment of cryptoassets. These standards go well beyond the treatment of unbacked cryptoassets like Bitcoin, and could potentially determine the economic viability of a broad range of digitalisation projects. The BCBS has been receptive to some concerns raised by the financial industry in response to its initial consultation. It has also tightened and clarified its initial proposals in a number of areas. Stakeholders have until 30 September 2022 to respond.

A second consultation

Last June, the Basel Committee on Banking Supervision (BCBS) published a proposed framework for the prudential classification and treatment of “cryptoassets” by prudentially regulated firms. The term “cryptoassets” was defined in broad terms, as “private digital assets that depend primarily on cryptography and distributed ledger or similar technology”. Currently, there is a substantial degree uncertainty and international divergence around how prudential standards apply in this area. As a result, the BCBS’s efforts have largely been welcomed by the financial industry.

At the same time, some of the specific features of the proposed framework were cause for concern. In particular, the proposals were criticised for unjustifiably treating a wide spectrum of different arrangements as equivalent from a risk perspective, while continuing to leave considerable room for uncertainty (see our previous publication). A widely supported joint industry response noted that the framework “would create material impediments to regulated bank participation in cryptoasset markets”.

The BCBS has now published its second consultation paper, which sets out the full text of the proposed standards, for incorporation into the consolidated Basel Framework. The draft reflects various changes to the initial proposal, a number of which respond to industry concerns.

Key changes

The key changes to the initial proposal are outlined below:

  • Refinement of classifications conditions

    The proposed framework continues to distinguish between “Group 1” cryptoassets which meet certain classification conditions and “Group 2” cryptoassets, which do not. Group 1 comprises both Group 1a (tokenised traditional assets) and Group 1b (cryptoassets with effective stabilisation mechanisms). The capital treatment for Group 1 cryptoassets will generally be based on the existing Basel Framework (subject to certain add-ons), whereas Group 2 will be subject to a punitive 1250% risk weighting and an aggregate exposure limit (as discussed below). The framing of the conditions therefore has a fundamental bearing on how the framework will apply. The conditions initially proposed were broadly criticised both for lack of clarity and for setting the bar for Group 1 inappropriately high. The BCBS has revised the conditions in response to those concerns and invited feedback on the revisions. Among other things, the BCBS is considering whether qualification as a Group 1b cryptoasset should require satisfaction of a “redemption risk test” and a “basis risk test” or, instead, an issuer which itself is prudentially regulated.
  • Infrastructure risk add-on for Group 1 cryptoassets

    The BCBS is now proposing to introduce an “infrastructure risk add-on” to address the unforeseen risks associated with distributed ledger technology, given its relative novelty. This would apply to Group 1 cryptoassets. Precisely where the boundary would fall in relation to applications of DLT by centralised market infrastructures is not clear. The proposal says that dematerialised securities which are issued through DLT or similar technologies are considered to fall within scope whereas “dematerialised securities that use electronic versions of traditional registers and databases which are centrally administered” fall out of scope. Hybrid structures are not discussed.

    The proposed calibration of the add-on is 2.5% of the exposure value. For exposures in the banking book, this is equivalent to increasing the risk weight that would apply to the exposures by 2.5%. For exposures in the trading book, this is equivalent to a market risk capital charge of 0.2% of the exposures.

  • Recognition of hedging of certain Group 2 cryptoassets

    The BCBS has conceded that Group 2 cryptoassets which meet a specific set of “hedging recognition criteria” should be allowed to benefit from modified versions of the market risk requirements which allow a limited degree of hedge recognition in the calculation of a bank’s net exposure. This is in direct response to industry feedback that certain unbacked cryptoassets in which there is a highly liquid and transparent two-way market (such as BTC and ETH) can be hedged effectively, including with related derivatives or exchange traded products.
  • Removal of account classification link

    Under the revised proposal, the capital requirements that apply to cryptoassets are no longer linked to their classification as tangible or intangible assets under the accounting standards. This is intended to address concerns that linking capital treatment to an evolving accounting framework could lead to uncertainties and inconsistencies between jurisdictions.

  • Operational risk clarifications

    The revised proposal provides more detail on how the risks relating to cryptoasset activities can be mapped to the different risk categories of the Basel capital framework (notably, credit risk, market risk and operational risk). It also outlines how banks can address operational risks through their risk management processes and the supervisory review process.

  • Detail on application of liquidity rules

    The draft framework now includes more detail on the application of the Liquidity Coverage Ratio (LCR) and Net Stable Funding Ratio (NSFR). The draft clarifies, for example, that a tokenised version of an asset that qualifies as a high quality liquid asset (HQLA) will be considered HQLA only to the extent the tokenised form of the asset also meets the HQLA criteria. The draft also clarifies the liquidity treatment in relation to crypto-liabilities (i.e. cryptoassets issued by the relevant bank).

  • Group 2 exposure limit

    The existing Basel Framework includes limits on large exposures to particular counterparties. However, these rules were not designed for an environment in which there may be no counterparty (as is the case for certain cryptoassets). BCBS is therefore proposing a new exposure limit to apply to all Group 2 cryptoassets which fall outside the existing large exposure rules. The provisional limit (to be reviewed periodically) is proposed to be set at 1% of Tier 1 capital. This would apply to gross exposures (with no netting or recognition or diversification benefits) and would include both direct and indirect exposures.


Once finalised, the BCBS framework will serve as a minimum international standard for the prudential treatment of cryptoasset exposures. Its precise formulation could have a significant impact on the economic viability of a wide range of cryptoasset and DLT projects by prudentially regulated firms. Much is likely to turn on the detail. Stakeholders have until 30 September 2022 to respond.

Who is responsible? The English court comments on duties owed to cryptoasset owners

The judgment in Tulip Trading Ltd v Bitcoin Association for BSV and Others sheds light on the legal relationship between the software developers behind various bitcoin networks and their participants. Notably, the court found that there was no case to be made that the developers had a duty to take action to undo the effects of an alleged theft. At the same time, the possibility of other legal duties falling on developers in the future was left open. Players in the crypto markets should be cognisant of this position, amid ongoing market turmoil. 

The decision 

Earlier this year, the High Court denied a prominent bitcoin holder, whose private keys to substantial holdings were allegedly taken in a cyber-attack, the right to serve a legal claim on a group of developers for failing to take action to restore the lost value into the claimant’s hands.

The case was brought by Tulip Trading Ltd (“Tulip”), which claimed that the defendants were the core developers behind various bitcoin networks and/or otherwise controlled the relevant software, and that they owed the claimant fiduciary and/or tortious duties to rectify the “theft” of private keys by writing and implementing a software “patch” that would restore Tulip’s access to the bitcoin assets. In setting aside permission to serve the claim out of the jurisdiction, Mrs Justice Falk held that there was no serious issue to be tried on the merits of the claim. Last month, Falk J also declined Tulip leave to appeal.

No fiduciary and tortious duties – for now

Falk J rejected the argument that the software developers owed the claimant a fiduciary duty. In particular, she noted that the defining characteristic of a fiduciary relationship is the obligation of undivided loyalty, and if the claimant’s argument were accepted, the steps that the defendants would have to take would be for the claimant’s benefit alone, to the exclusion of other users, to whom the defendants would also owe the same duty and who would have a legitimate complaint against the defendants.

Falk J also refused to find a tortious duty of care in this situation. She concluded that it would not merely be an incremental extension of the law to impose a duty concerning “failures to make changes to how the networks work, and were intended to work, rather than to address a known defect”. This was particularly true given that the alleged loss was an economic loss arising out of an omission. 

Underlying both strands of Falk J’s reasoning is a recognition of the “core values of bitcoin as a concept” (in the defendants’ words): digital assets are transferred through the use of private keys and what the claimant was seeking was effectively to bypass that.

Bitcoin networks are not financial institutions 

Tulip argued that bitcoin networks “could be equated with financial institutions”, in the sense that “[f]unds were being entrusted to controllers of the Networks, who profited from their activities, and public policy required the imposition of a corresponding duty of care”, and therefore a duty of care similar to the duty of care on banks established in Barclays Bank v Quincecare [1992] 4 All ER 363 should be imposed on bitcoin networks. Falk J was not persuaded by the argument: in particular, she noted that the starting point for the Quincecare duty of care is the relationship of contract and agency between the bank and its customer. It is interesting that such arguments seen in the more traditional financial sphere were being deployed in the context of a decentralised network with no contractual framework, and the court’s rejection of the direct analogy should be welcomed. 

Room for future claims? 

Without deciding the point, Falk J in obiter commentary left open the prospect of the developers or controllers of digital asset networks owing some other form of duty to owners of digital assets in other situations. For instance, she suggested that it was conceivable that some form of duty could arise if the developers “introduc[ed] for their own advantage a bug or feature that compromised owners’ security but served their own purposes.” Falk J hinted that there may be other circumstances where the developers or controllers could owe a duty.

This is only a first instance decision following a summary procedure and therefore its precedent value will be limited. But, in practice, this decision is likely to be influential given the novel issues raised. The recent turmoil in the cryptoasset market may provide fertile ground for litigation on this topic as the significance of these potential duties takes centre stage.

EU finalises DLT Pilot Regime

The EU’s pilot regime for market infrastructures based on distributed ledger technology has now been finalised. The regime will provide significant flexibility for eligible firms to experiment with DLT-based trading facilities and settlement systems for financial instruments, including the option of operating a combined trading and settlement facility. There are, limitations to consider, however, including uncertainty as to whether infrastructure developed under the regime will be permitted to live on long-term. Meanwhile, the UK is working on developing its own financial market infrastructure sandbox.

What is the DLT Pilot Regime?

The EU’s pilot regime for market infrastructures based on distributed ledger technology has now been finalised through a Regulation published in the EU’s Official Journal. The regime is effectively a regulatory sandbox. It allows eligible firms to apply to operate a DLT-based trading facility and/or settlement system for financial instruments, within a flexible regulatory environment. Broadly, the idea is to facilitate the development of secondary market infrastructure for digital securities (including both “tokenised” securities and digitally native securities), and to help inform EU regulators as to what (if any) permanent changes to the regulatory framework would be beneficial.

Applications can be submitted from 23 March 2023. Permissions will be granted for a period of up to six years (and will only be valid during the life of the pilot regime). By March 2026, the European Securities and Markets Authority (ESMA) will report on the success of the regime and recommend next steps (including whether to make any elements of the pilot regime permanent, by amending the general regulatory framework).

Key features

The final Regulation has evolved from the Commission’s initial proposal. The key features of the final version are summarised below.


  • Authorised investment firms and market operators may apply to operate a DLT multilateral trading facility (DLT MTF)
  • Authorised central securities depositories may apply to operate a DLT securities settlement system (DLT SS)
  • Both groups may apply to operate a combined DLT trading and settlement system (DLT TSS)
  • New entrants may apply for temporary authorisations as investment firms / market operators or CSDs, alongside an application under the pilot regime


  • Applications are to be made to relevant national authorities
  • National authorities are required to consult with (and in some cases have regard to a non-binding opinion from) ESMA, as part of their decision-making process
  • Applications must indicate which regulatory exemptions the applicant is requesting

Exemptions from general regulation

  • Broadly, operators will be subject to regulations applicable to the equivalent traditional market infrastructures, subject to the requested exemptions
  • DLT TSSs (which have no traditional equivalent) are subject to rules applicable to both DLT MTFs and DLT SSs, with a few exceptions, primarily to avoid overlap
  • Exemptions may be requested from certain specified requirements under the general regulatory framework, where those requirements are incompatible with the proposed DLT use case
  • Each exemption granted will be subject to certain attached conditions, with which the operator must comply
  • Among other things, exemptions may allow for models which provide direct access to retail investors, settlement in commercial bank money (as opposed to central bank money) and CSD-operated settlement systems which are not designated under the Settlement Finality Directive

    Additional requirements

  • Firms operating under the pilot regime will also be subject to additional requirements aimed at the risks associated with the novel technology and structures
  • Among other things, operators will require a clear business plan, an appropriate legal rulebook, disclosures to stakeholders on how the offering differs from a traditional offering, robust arrangements around technology and the protection of client assets and a credible exit strategy, in case the pilot is discontinued

Eligible financial instruments

  • The regime limits the types of financial instrument that may be admitted to trading / recorded on a DLT market infrastructure (for example, in relation to shares, the issuer must have a market capitalisation of less than EUR500m and in relation to bonds, the issue size must be less than EUR1bn)
  • In addition, the total market value of financial instruments admitted to trading / recorded on a DLT market infrastructure must fall within an aggregate limit, set at EUR6bn
  • National competent authorities may lower any of these thresholds

Potential opportunities

Under the general regulatory framework, transferable securities which are traded on trading venues are required to be recorded in a CSD. This requirement has previously acted as a barrier to innovative non-CSD entities developing some of the more streamlined market infrastructure models which distributed ledger technologies would support. The pilot regime’s DLT TSS model will, for the first time, allow investment firms and market operators (as well as new entrants that apply for temporary authorisations) to provide settlement services in relation to securities which are traded on trading venues. This could potentially be a significant opportunity for new players to compete with CSDs on settlement services.

Equally, CSDs have not previously been authorised to offer trading facilities, and they too may look to explore the possibility of capturing new parts of the value chain through the DLT TSS model.

More broadly, firms now have the option of requesting exemptions to a number of requirements which have previously been identified in the market as potentially problematic for DLT-based systems. At least in theory, this should provide much more latitude for experimentation with innovative systems. The regime also gives firms the chance to help shape the future of EU financial services regulation.


Naturally, there are limitations to consider. For example:

  • The threshold restrictions on eligible financial instruments will restrict the potential scale of projects (although it is helpful that the threshold levels have been increased significantly from the Commission’s initial proposal).
  • Satisfying the conditions attached to exemptions as well as the additional requirements may not be straightforward in practice. In some cases, there may be considerable uncertainty as to how the requisite standards can be met.
  • The uncertainty as to whether projects developed under the pilot will be permitted to live on beyond the permission period might inhibit some firms from committing significant investment up front.
  • For these reasons, it may be preferable for certain authorised firms to experiment with DLT-based innovation outside the pilot regime. Depending on the precise model, it may be possible to get comfortable that the arrangement is in fact compatible with the general regulatory framework, notwithstanding the use of DLT.

    UK equivalent

    The UK is also aiming to have a “Financial Market Infrastructure Sandbox” in place by 2023. However, whereas draft legislation for the EU’s regime has been in circulation since 2020, most details of the UK’s sandbox remain unclear. The UK government is hoping to take advantage of its newfound law-making agility post-Brexit to streamline the process. It is expected to begin engaging with industry and regulators on the detail over the coming months.

EU debates how to apply travel rule to cryptoassets

Electronic payment transactions in the EU generally need to be accompanied by information about the payer and payee. EU lawmakers are now debating how to extend this requirement, known as the “travel rule”, to combat money laundering via cryptoassets. The proposals have raised concerns in the industry about how cryptoasset service providers could comply with the rule in practice.

What is the “travel rule”?

The Financial Action Task Force sets international anti-money laundering standards. In 2019, the FATF put forward several recommendations for regulating what it calls virtual assets. One recommendation was for virtual asset service providers to obtain, hold and transmit information about both the originator and beneficiary in any virtual asset transaction. The intention behind this “travel rule” is to increase the information available to anti-money laundering and counter terrorist financing authorities about suspicious transactions.

FATF recommendations need to be adopted by national authorities to have legal force. Only a small number of FATF member jurisdictions have applied its recommendations. However, at its most recent meeting of finance ministers, the G7 confirmed its commitment to holding cryptoassets to the same standard as the rest of the financial system, including rapidly implementing the travel rule.

EU approach to implementation

The European Commission has proposed implementing the FATF recommendation by amending (or “recasting”) the EU’s Funds Transfer Regulation.

The FTR currently details the requirements for information that must accompany transfers of funds involving an EEA payment service provider. Under the proposals, similar requirements would be extended to transfers of cryptoassets made by cryptoasset service providers (CASPs). The recast FTR would take the definition of CASP from the EU’s draft legislation for regulating crypto-assets, MiCAR which covers crypto exchanges, custodians and traders, among others.

CASPs would be required to ensure that all transfers of cryptoassets are accompanied by:

  • for the originator CASP: the originator’s name, account number (where relevant), address, official personal document number, customer identification number or date and place of birth; and
  • for the beneficiary’s CASP: the beneficiary’s name, account number (where relevant).

CASPs would also be required to verify the accuracy of this information.

The final details of the recast FTR are currently being negotiated. We highlight below some of the important points still under discussion.

Should there be a minimum threshold?

The Commission’s original proposal would have applied only transactions worth more than €1,000. This is in line with the FATF recommendation for a threshold of €1,000/$1,000 for occasional transactions. However, the European Parliament and Council have suggested applying the travel rule to all transactions involving CASPs, with no minimum transfer threshold.

How to deal with transfers involving unhosted wallets?

Not all transfers of cryptoassets involve intermediaries such as an exchange or custodian. Users may hold cryptoassets for themselves in “unhosted wallets”. This poses a problem for applying travel rule standards because it may not be possible to identify the person who owns the cryptoassets in an unhosted wallet.

Nevertheless, the European Parliament has proposed requiring CASPs not only to collect but also to verify information on the identity of the unhosted wallet holder. The beneficiary’s CASP would also need to systematically report to the relevant authorities all transfers exceeding €1,000 from unhosted wallets.

If it is included in the final text, these requirements would pose practical difficulties for CASPs as they would need to find a way to collect the relevant information from controllers of unhosted wallets. In practice, this may mean that some CASPs choose not to provide services to these wallets.

When would the travel rule start to apply?

The Commission’s draft changes to the FTR interact with other pieces of EU legislation which are still in draft, such as MiCAR and the EU’s latest AML package. It may be several months before these texts become law. To avoid delaying implementation of the travel rule, the European Parliament and Council have suggested de-coupling the recast FTR from the AML package so that the former can start to apply sooner.

The latest thinking is that the recast FTR will be able to align with MiCAR. At one point the Parliament had suggested de-coupling the two but recent progress on MiCAR negotiations should mean that the two texts can enter into force at the same time. It is still to be confirmed when the rules will start to apply.

Other proposals

There are several other measures that the European Parliament has proposed, including:

  • a ban on transactions with third country CASPs deemed not to comply with EU rules;
  • enhanced due diligence for crypto transfers relating to banking transactions;
  • a ban on high-risk transfers on AML/CTF grounds; and
  • establishing a CASP blacklist.

These would impose potentially burdensome requirements on CASPs to screen crypto-asset transfers. Even if these ideas are not picked up in the recast FTR, they may be revisited when the text of the EU AML package is negotiated.

What is the UK’s approach?

The UK is also committed to implementing the travel rule but has yet to set out a timeline for application. The government has proposed implementing the travel rule by amending the UK Money Laundering Regulations rather than by amending the UK version of the FTR. The government has mooted a transitional period to allow cryptoasset exchanges and custodian wallet providers more time to prepare for the new rules.

What happens next?

Negotiations between the European Parliament, Commission and Council are expected to conclude in the coming months. Once the text is agreed, the recast FTR will need to complete the legislative process. As noted above, it is not clear how much time CASPs will have to prepare before the rules start to apply.

With thanks to Imran Bhaluani for writing this post.

UK proposes measures to protect against the collapse of systemic “digital settlement assets”

In the aftermath of the recent collapse of TerraUSD, a prominent USD-pegged “stablecoin”, the UK government is consulting on new measures to bring systemic “digital settlement asset” firms within the special administration regime applicable to traditional systemic payment systems. The proposals raise a number of questions, particularly in relation to scope and objectives. Stakeholders have until 2 August 2022 to respond.

Regulatory response to collapse of TerraUSD

Last month, a highly prominent algorithmically maintained USD-pegged “stablecoin”, TerraUSD, went into freefall, along with its sister cryptocurrency Luna. The incident sent shockwaves across the crypto markets and reinforced the concerns of many regulators around potential contagion risks. In the UK, the Financial Conduct Authority promptly put out a reminder to consumers of the risks of investing in cryptoassets. There followed much speculation as to if and how the government might respond, in light of its recent efforts to present the UK as open for crypto business. The government has now published a consultation paper outlining proposals intended to mitigate financial stability risks by bringing systemic “digital settlement asset” firms within the Financial Market Infrastructure Special Administration Regime (FMI SAR).

What is the FMI SAR?

The UK has certain “special administration regimes” to deal with the insolvencies of entities like banks and financial market infrastructures, where the usual administration process does not best serve the public interest. Traditional payment systems which are recognised as systemic fall within the FMI SAR. If such a payment system fails, the FMI SAR requires the administrator to pursue an objective of service continuity (i.e. continuing to deliver the failed firm’s services), even if that is not in the best interests of the creditors. This is designed to mitigate the risk of severe disruption to the wider financial sector. The Bank of England has oversight and powers of direction over administrators of entities that fall within the FMI SAR.

Proposals to extend and amend the FMI SAR

The government is proposing to pass legislation (i) to establish that systemic (non-bank) digital settlement asset firms will generally fall within the scope of the FMI SAR and (ii) to make amendments to the FMI SAR regime in order to introduce an additional objective for administrators in these cases (as discussed further below). The proposal contemplates that the Bank of England will be the lead regulator but will have an obligation to consult with the FCA, given the potential for regulatory overlap.

What constitutes a “digital settlement asset” and a “systemic DSA firm”?

The consultation paper defines “digital settlement asset” in rather vague terms. What is clear is that this concept is intended to be broader than the category of “payment cryptoassets” which are to be regulated under the e-money and payment services regimes. The government has previously said that that category will not include algorithmic stablecoins. In contrast, the term “digital settlement assets” is said to include “wider forms of digital assets used for payments/settlement” alongside payment cryptoassets.

The term “systemic DSA firms” is stated to refer to “systemic DSA payment systems and/or an operator of such a system or a DSA service provider of systemic importance”. The paper notes that “[a] payment system may be designated as systemic where deficiencies in its design or disruption to its operation may threaten the stability of the UK financial system or have significant consequences for businesses or other interests.”

The additional objective for administrators of systemic DSA firms

While continuity of service is intended to remain an important objective in the administration of a systemic DSA firm, the government wants to introduce an additional objective “covering the return or transfer of funds and custody assets”. This is intended to reflect the fact that, unlike traditional payment firms, DSAs may allow users “to store value which is then used for the movement of funds between cryptoassets without transitioning into fiat money”. This raises a lot of questions. In particular, in the case of an algorithmic stablecoin which has no (or subpar) market value and which is backed by no legal rights or interests in respect of fiat money, what “funds” are intended to be “returned or transferred”, and by whom? The consultation paper provides little insight into these types of issues.

What’s next?

The consultation remains open for comment until 2 August 2022.

European Parliament pushes for sustainability disclosures in crypto market

It is a truth universally acknowledged that Bitcoin has the same carbon footprint as [insert small-to-medium sized European country here]. Now the European Parliament is trying to encourage cryptoassets like Bitcoin towards a more sustainable way of working as part of broader plans to regulate cryptoasset markets in the EU. The UK and US have also said they are looking closely at energy usage associated with crypto. 

ESG meets fintech

Bitcoin is the best-known example of the proof-of-work consensus mechanism. This involves computers competing to solve complex mathematical puzzles to add transactions to the blockchain. This consensus mechanism, referred to as mining, requires electricity – around 707 kWh per Bitcoin transaction, according to the European Parliament – which is often (but not inevitably) generated from fossil fuels.

In response, the European Parliament has suggested including sustainability requirements into the draft EU’s Markets in Crypto-Assets Regulation (MiCAR). The proposals include:

1. updating the EU’s ESG Taxonomy Regulation to cover cryptoasset mining activities

2. requiring white papers of cryptoassets using proof-of-work to include an independent assessment of the asset’s likely energy consumption

3. applying sustainability disclosures to cryptoassets, cryptoasset service providers and issuers.

Taxonomy Regulation

The Taxonomy Regulation establishes the criteria for determining whether an economic activity is “environmentally sustainable”. An activity is environmentally sustainable if it contributes substantially to certain environmental objectives set by the Taxonomy Regulation and meets several other conditions. Technical screening criteria determine whether a given activity contributes to the relevant environmental objective and “does no significant harm” to any of the other environmental objectives.

The European Parliament has suggested that the Commission should include cryptoasset mining in the economic activities that contribute to climate change mitigation in the Taxonomy by 1 January 2025. The likely result is that technical screening criteria would be drafted explaining what an eco-friendly consensus mechanism would look like. Other forms of consensus mechanism would be considered non-compliant from a Taxonomy perspective, which could influence investor demand for the cryptoasset.

White papers

MiCAR will require offers of cryptoassets in the EU to be accompanied by a white paper. The white paper must include certain information including a detailed description of the rights and obligations attached to the cryptoasset.

According to the European Parliament, this white paper should also share information on the sustainability of the cryptoasset including whether the underlying ledger has been maintained in compliance with the Taxonomy, plus an independent assessment of the likely energy consumption of the cryptoasset where the proof-of-work model is used.

Sustainability disclosures

MiCAR will also impose various conduct obligations on cryptoasset service providers. Relevant services relating to cryptoassets include custody, trading, exchange, brokerage, promotion and advice. These providers would be required to act honestly, fairly and professionally in the best interest of their customers and provide information to them which is fair, clear and not misleading.

The European Parliament plans to add sustainability disclosures to these requirements in MiCAR. Under its plans, cryptoasset service providers would have to publish information related to the environmental and climate-related impact of each cryptoasset for which they offer services. This should be placed prominently on their website. Again, the expectation is that this would explain whether the relevant cryptoassets are in compliance with the Taxonomy.

Collectively these proposals do not amount to a ban of proof-of-work mechanisms. However, the greater transparency on ESG factors would aim to drive investment decisions away from “brown” crypto and towards “green” crypto.

Beyond the EU

The EU is not alone in exploring this topic. For example, having committed to regulating some stablecoins, the UK is preparing to set out its plans for regulating other forms of cryptoasset in a consultation paper due later this year. The government has already said that it recognises the issue of rising energy consumption from certain cryptoassets and that its approach will be aligned to environmental objectives, including the UK’s net zero target. President Biden’s Executive Order on the responsible development of digital assets also requests reports from various US federal agencies which should address the effect of consensus mechanisms on energy usage.  

Next steps

The final content of MiCAR is due to be negotiated between the European Parliament, Commission and Council. These negotiations – known as trilogues – will likely take several months. Neither the Commission nor the Council included sustainability-related requirements in their draft versions of MiCAR so it is up in the air whether the European Parliament’s proposals will make it into the law. The expectation is that the text will be finalised in autumn 2022.

Read our survival guide for more on the Taxonomy Regulation and how it interacts with other aspects of the EU’s sustainable finance package.

UK “open for crypto businesses” as it points to flexible future regulation

The UK government has set its sights on being a global hub for cryptoasset technology. HM Treasury has announced a package of measures intended to achieve this vision. This includes the regulation of some stablecoins under e-money rules, an upcoming consultation on regulating broader crypto activities, and a sandbox for financial market infrastructure innovation. The positive messaging signals an attempt to counter suggestions that the UK is no longer an innovation-friendly jurisdiction. 

Stablecoins to be included in payments regime

Last year the UK announced its “staged and proportionate” approach to cryptoasset regulation. According to a January 2021 consultation paper, the first step would be to regulate stablecoins used as a means of payment. Now, in its response to that consultation, HM Treasury has confirmed its intention to do so via existing e-money and payment services regulations.

The Electronic Money Regulations 2011 (EMRs) will be adjusted to cater for “payment cryptoassets”. Broadly these will cover “any cryptographically secured digital representation of monetary value which is, among other things stabilised by reference to one or more fiat currencies and/or is issued and used as a means of making payment transactions”. The precise boundaries remain to be seen but cryptoassets linked to other types of assets (like commodities or cryptoassets) would be out of scope, as would those which are stabilised using algorithms. As a result, we would expect that most stablecoins that are used to facilitate activity in the crypto markets will, at least initially, not be caught by the regime.  

Issuers and other entities providing services for these payment cryptoassets, such as wallet providers, would be subject to the EMRs. This means that they would need to seek FCA authorisation. They would also need to apply prudential and conduct of business standards, including safeguarding rules which require funds to be held to cover the value of the stablecoins that have been issued. The FCA will need to spell out how the existing regime would be applied to stablecoin issuers and service providers at a future date.

Another key aspect relates to location. Existing e-money and payment services regulations require in-scope entities to be based in the UK. One concern is that applying this type of requirement to stablecoin arrangements could end up pushing issuers away from the UK, despite the government’s aims to create a global hub for crypto. HM Treasury’s paper suggests that the location requirements may be revisited in the context of a separate upcoming review on the regulatory perimeter for payments. 

Not all stablecoins will be treated alike. Under the proposals, the Bank of England will be empowered to deem some stablecoin-based payment systems as posing a systemic risk. These systemic stablecoin arrangements and their relevant service providers would then be subject to oversight by the Bank of England as well as the FCA.

More to come on other cryptoassets

In relation to other cryptoassets, HM Treasury is continuing to take an incremental approach. As well as bolstering AML regulation and extending the scope of the financial promotions regime to the crypto sector, it has now announced that it will consult later this year on regulating a wider set of cryptoasset activities. 

The commentary in the paper indicates that HM Treasury remains at an early stage of formulating a clear vision as to how crypto markets and decentralised structures should be regulated. In the run-up to the consultation, the FCA is holding a series of “Crypto-Sprints” with industry participants to help shape regulatory policy. Meanwhile, a Cryptoasset Engagement Group will bring together key figures from the government, regulatory authorities and industry. This suggests that the Treasury has heard feedback on the importance of engaging with industry to develop an appropriate regulatory framework.

FMI sandbox to start in 2023

The Chancellor announced last year that HM Treasury would partner with the FCA and Bank of England to create a Financial Market Infrastructure Sandbox to allow FMIs to experiment with distributed ledger and similar technologies within a flexible regulatory environment. The consultation response reveals that the government will propose legislation to allow for the regulatory flexibility the Sandbox entails, and that the intention is for the Sandbox to be up and running by 2023. It also suggests that the Sandbox will be used to support both existing FMIs in delivering their services more efficiently as well a new FMIs, which in some cases may seek to consolidate the value chain.  

Beyond that, much of the detail remains unclear, including precisely what regulatory flexibility the Sandbox will allow for; which types of entity may apply to participate; the standards participants will need to meet; the nature and scale of activities permissible within the Sandbox; and the role and responsibilities of the regulators overseeing the process. HM Treasury expects to work with industry and regulators to settle these details in advance of introducing legislation.

A careful balancing act

The government aims for its regulation in these areas to be flexible, allowing the FCA and other regulators to change rules in response to market developments. However, they acknowledge that they need to balance this against the benefit of providing clarity to the industry, especially on where the regulatory perimeter is drawn.

Similarly, the government is mindful of the need to balance the (sometimes) competing objectives of risk mitigation and supporting innovation. Amid some recent suggestions that UK authorities have recently focused more on the former, at the expense of the latter, this latest set of announcements seeks to make clear that the UK is committed to creating an innovation-friendly environment.  

Other developments

Other fintech-related announcements made by the UK authorities include the following:

  • The Law Commission will be tasked with considering the legal status of Decentralised Autonomous Organisations
  • Following his review into UK fintech, Ron Kalifa OBE has been appointed chair of a steering committee charged with developing a new Centre for Finance, Innovation and Technology
  • HMRC will continue to explore ways of enhancing the competitiveness of the UK tax system to encourage further development of the cryptoasset market
  • The Chancellor has commissioned the Royal Mint to create a Non-Fungible Token (NFT) this summer 
Next steps

The government says that it plans to introduce legislation to make the stablecoin-related changes when parliamentary time allows. A second legislative phase to bring other cryptoassets into the scope of regulation would follow the consultation which is due later in 2022. We are likely to see draft legislation to facilitate the FMI Sandbox around a similar time. Much like in the US, the next couple of years mark a pivotal stage in the development of cryptoasset regulation in the UK.

Checking regulatory entropy: The Biden Administration’s Executive Order on Digital Assets

On 9 March 2022, the Biden Administration issued its long-awaited Executive Order on Ensuring Responsible Development of Digital Assets seeking to establish a unified US federal government approach to the regulation of digital assets.1 Simply put, for those in the digital asset business – from investors to service providers, NFT holders to large financial institutions, and many more – the Executive Order is critical in understanding how US regulation of such assets will develop in the coming years.

Executive Order 

The Executive Order notes the Administration’s concerns with, among other things, addressing consumer and investor protection; financial stability; illicit finance; US leadership in the global financial system and economic competitiveness; financial inclusion; and responsible innovation. These concerns animate and instruct the following stated goals:

Developing a digital dollar 

To lay the groundwork for issuing a US CBDC,2  the Executive Order calls on the Secretary of the Department of the Treasury (Treasury or Treasury Department), the Board of Governors of the Federal Reserve System, and the Attorney General to research and report on the economic, financial, monetary, national security, law enforcement, and legislative implications of a US CBDC. With these reports in hand, the Attorney General will then provide a legislative proposal for issuing a US CBDC.3

Because CBDCs have the potential to significantly impact cross-border payments and displace existing currencies, the Executive Order also calls on the Secretary of the Treasury to take the lead in establishing an interagency framework for international engagement related to digital assets and CBDCs. This framework will expand existing CBDC-related international cooperation, such as the G7 Digital Payments Experts Group. 

Addressing digital assets’ climate impact 

The high-energy consumption required for digital asset financial structures is a growing concern among environmentalists. In this light, the Executive Order requests a report from various US federal agencies exploring the short, medium, and long-term effects of new digital asset technologies, such as proof-of-stake cryptocurrency mining, on climate change and the energy sector.

The Executive Order also mandates that the report include research on potential uses of blockchain technology to mitigate climate impacts, such as liability exchanges for greenhouse gas emissions, water, and other natural or environmental assets. 

National security and illicit finance risk

The Executive Order details the illicit uses of digital assets and decentralized finance: the facilitation of money laundering, terrorism financing, ransomware, and sophisticated cybercrime.

Notably, the Executive Order comes just days after the Treasury Department issued its 2022 National Risk Assessment specifically addressing the exploitation of the digital economy by criminals, foreign terrorist groups, and rival nations. In response to these issues, the Executive Order calls on several US federal agencies to provide strategic advice on how to effectively mitigate these risks, which have taken on greater import given the conflict in Ukraine.4

Protecting consumers 

The Executive Order also aims to protect US consumers, investors, and businesses from the financial risks posed by a digital asset ecosystem lacking appropriate oversight. In particular, the Executive Order shows concern for the risks digital assets pose to less informed market participants and the potential for these risks to exacerbate social inequities. The Executive Order envisions a regulatory framework that promotes responsible innovation while protecting consumer privacy, data, and assets, providing adequate disclosures to investors, and supporting equitable economic growth. 

To that end, the Executive Order requests the Secretary of the Treasury, in consultation with the Secretary of the Department of Labor and key independent agencies,5such as the Federal Trade Commission (FTC), the Securities and Exchange Commission (SEC), the Commodity Futures Trading Commission (CFTC), the Federal banking agencies, and the Consumer Financial Protection Bureau (CFPB), to produce reports addressing specific aspects of the transition to a digital asset economy, including effects on consumers, investors, and businesses. The reports should also include recommendations to protect consumers and support access to safe and affordable financial services. 

Mitigating systemic risk 

Citing the general principle of “same business, same risks, same rules,” the Executive Order emphasizes that large firms providing digital asset services should comply with the same standards that govern traditional financial firms and that the regulatory framework may need to evolve to cover the additional risks created by each digital asset’s unique characteristics.  

To accomplish this, the Executive Order urges the Secretary of the Treasury to convene the relevant US federal financial regulators (e.g., the SEC and the CFTC) and produce a report identifying the specific risks to financial stability posed by digital assets as well as existing regulatory gaps, and to make recommendations to address these risks, which may include proposing additional laws and regulations.  

Flurry of activity

The Executive Order comes amid a flurry of recent US federal government research, regulation, and enforcement actions regarding digital assets important to understanding the current state-of-play in the United States. For example, to safeguard retail investors, the Treasury Department’s Financial Literacy and Education Commission recently launched a new effort to educate consumers about digital assets. Meanwhile, concerns that a crisis among stablecoins could result in a “bank run” style panic has led the President’s Working Group on Financial Markets and US federal bank regulators to recommend that stablecoin issuers be required to obtain a bank charter.  

On the enforcement front, both the SEC and the Department of Justice recently announced high-profile civil and criminal actions against alleged wrongdoers in the digital asset space. The day before the Executive Order was issued, the SEC charged two siblings with defrauding retail investors out of more than $124 million through fraudulent digital token offerings. And in a headline-grabbing move in February 2022, the Department of Justice arrested a married couple for allegedly conspiring to launder more than $4 billion in stolen cryptocurrency. As part of the latter action, the DOJ seized over $3.6 billion in cryptocurrency in what it touted as the Department’s largest financial seizure ever.


This is not the beginning of the end, and likely is not even the end of the beginning of US digital asset regulation. While the industry has applauded the Executive Order, there is still a need for greater legislative guidance and regulatory clarity. The direct pressure on Cabinet-level officials, indirect pressure on independent agencies, and eventual pressure on the US Congress will only continue to build.6While the Administration can do a lot in regulating digital assets, Congressional action will play a key role in implementing the President’s vision.

UK authorities team up to remind regulated firms about crypto standards

Regulated firms are increasingly interested in entering the (largely) unregulated cryptoasset market. In a coordinated set of statements, UK authorities have reminded firms of their obligations under existing prudential and conduct regulation when they do so. These statements also pave the way for an expansion of the regulatory perimeter, including through the regulation of systemic stablecoins, ahead of HM Treasury’s anticipated response to its 2021 crypto consultation.

Impact of crypto on financial stability

In recent years we have begun to witness a blurring of lines between the traditional financial sector and the crypto sector. This includes the growth in institutional exposure to unbacked cryptoassets like bitcoin and ether (in some cases indirectly, through derivatives or exchange traded products), as well as the rise of non-banks developing stablecoins backed by traditional asset classes.

The Bank of England and its Financial Policy Committee have for some time expressed measured concern over the potential financial stability risks. In a new report, the FPC reiterates a position we have heard several times before: the FPC considers that the direct stability risks posed by crypto and decentralised finance to the UK financial system are currently limited, but that they have the potential to grow and need to be monitored closely. The report outlines how the FPC intends to continue monitoring risks to systemic financial institutions; risks to core financial markets; risks from use in payments; and the impact on real economy balance sheets. 

As the markets grow, the FPC expects that enhanced regulatory frameworks will be needed, both at a global and domestic level. For now, it has welcomed statements from the Financial Conduct Authority and Prudential Regulation Authority reiterating firms’ existing regulatory obligations (as discussed below) as well as the government’s proposals to regulate stablecoins, including by bringing systemic stablecoins within the remit of the Bank of England (see our blog post: UK reveals plans to regulate stablecoins).

Treating crypto exposure

Published on the same day as the FPC report, the PRA has written to CEOs at banks and PRA-regulated investment firms to set out its views on exposures to cryptoassets. This builds on its 2018 letter on the same topic (see our blogpost: Guidance on how UK firms should handle exposures to crypto-assets).

In its latest letter, the PRA reminds firms to consider the full prudential framework when assessing and mitigating risks arising from cryptoasset exposures (including indirect exposures) or other activities (such as custody). Among other things, it suggests that its rules on market risk mean that a capital requirement of 100% of the current value of the firm’s position is likely to be appropriate for “the vast majority of cryptoassets”. The PRA says this is “particularly” the case for unbacked cryptoassets, while remaining somewhat vague in relation to digital assets backed by legal rights or interests.

The PRA also flags the need to manage operational risks. For example, firms that outsource the custody of crypto keys should understand their liability if the third party custodian fails and in that situation their legal and operational options for regaining control of the relevant assets.

The letter provides firms with guidance but does not propose changes to the existing regime. The Basel Committee on Banking Supervision is working on an internationally-agreed position on the treatment of cryptoassets (see our blogpost: Global banking regulator outlines proposals for the prudential classification and treatment of cryptoassets). The PRA does not suggest that it plans to pre-empt the BCBS by proposing a tailored crypto prudential regime before those talks are concluded.

The FCA has also issued a notice directed to all regulated firms with exposure to cryptoassets. The FCA reiterates that firms should be clear with customers about the extent of their business which is regulated. Firms are also advised to check whether the businesses they interact with are on the FCA’s list of unregistered cryptoasset businesses.

Regulating systemic stablecoins

Last year, the Bank of England published a discussion paper on new forms of digital money, including systemic stablecoins (see our blogpost: Bank of England papers on new forms of digital money). It has now published a summary of the responses along with planned next steps.

Among other things, respondents broadly agreed on the need to preserve cash; achieve interoperability between all forms of money; and have an appropriate risk-based regulatory framework for systemic stablecoin arrangements, including for private sector intermediaries.

The Bank had originally outlined four potential models for regulating systemic stablecoins in order to achieve the equivalent protections enjoyed by holders of commercial bank money. These models generated a mixed response among respondents. The FPC has advised that model 4, which contemplates stablecoins backed by commercial bank deposits, would introduce undesirable financial stability risks. The FPC also considered that any regulatory framework would need to mitigate the absence of a “backstop” (akin to the Financial Services Compensation Scheme and bank resolution arrangements) to compensate depositors in the event of a failure, as this type of state-backed arrangement would be difficult to replicate for non-banks. 

Next steps

In its letter the PRA says it will continue to monitor any expansion of firms’ crypto-related activities and expects firms to discuss proposed prudential treatment of crypto exposures with their supervisors. A PRA survey asks firms about their current and planned crypto exposures, including indirect exposure to crypto via derivatives. Responses to the survey are invited by 3 June 2022.

Before then, HM Treasury is expected to release more detail on the direction of travel for the regulation of cryptoassets in the UK, which is expected to include draft legislation introducing a regulatory framework for stablecoins (see our blogpost: UK reveals plans to regulated stablecoins). Building on this, the Bank of England intends to consult on its proposed regulatory model for systemic stablecoin issuers and wallets in 2023. 

The Bank of England and HM Treasury are also expected to launch a joint consultation on the case for introducing a UK CBDC in 2022.

China’s crypto ban extends to a wider range of crypto-based activities

In September 2021, the People’s Bank of China and nine other Chinese government authorities jointly released the Circular on Further Preventing and Handling the Risks Concerning Speculation in Virtual Currency Trading. Together with another official notice to stamp out cryptocurrency mining, cryptocurrency-based mining and other crypto-related activities in China are set to be tightly regulated. 

See this alert from our China fintech team which summarises some of the recent related regulatory developments and discusses several hot topics such as NFTs and China’s Digital Yuan Plan.

The Kalifa Review of UK Fintech: One Year On

The Kalifa Review of UK Fintech was published in February 2021, with great fanfare. The report set out a myriad of bold recommendations to empower the UK to retain and strengthen its position as a global leader in fintech. One year later, as the effects of the pandemic continue to drag on, we follow up with 10 observations on the progress made.

1. A strong start to a marathon project

The Kalifa Review set out an ambitious multifaceted agenda for the UK. Its implementation was always going to be more of a marathon than a sprint. Still, (at the risk of mixing sporting analogies) we saw a strong start right out the gate.

Within the first few weeks of its release, the Chancellor had endorsed the Kalifa Review and committed to implement many of its recommendations. This was a highly promising start and one that was cemented a few months later when the Autumn Budget allocated £5m to seed fund the Centre for Finance, Innovation and Technology (CFIT). This was the vehicle Kalifa envisaged would coordinate the delivery of his strategy. Kalifa reportedly viewed its funding as the “main outstanding piece of the jigsaw” and was delighted with the result.

2. Slow but steady progress on support for scale-ups

Many of the recommendations were aimed at retaining fintech businesses in the UK beyond the start-up stage, with the hope of creating more homegrown global champions. Support was recommended on multiple fronts, including in relation to capital, talent and regulation. Progress on most aspects has been slow but steady.

Concerning capital, the government launched a long-awaited consultation on enabling investment into productive finance in November. Among other things, it looked at revising the charge cap for defined contribution pension schemes to facilitate the use of performance fees. These revisions are expected to unlock greater investment into high growth sectors such as fintech. The consultation closed in January and we are now awaiting the government’s response. 

The government has also announced reforms to R&D tax credits, which again were designed in part to attract growing fintech businesses with financial incentives. Among other things, the reforms expand qualifying expenditure to include data and cloud computing costs and refocus the reliefs on innovation that actually takes place in the UK. 

In relation to talent, the government has committed to launching a “Scale Up Visa” in spring 2022; fast-tracking visa applications for recruits to recognised UK scale-ups; and launching a Global Talent Network to help fill skills gaps from talent pools in the US and India. 

On the regulatory side, Kalifa suggested that the Financial Conduct Authority (FCA) could implement a “scalebox” i.e. a package of measures to assist firms which are growing significantly. In response, the FCA has piloted additional support for newly authorised firms and fast-growing firms via what it initially labelled a “regulatory nursery”. These initiatives are expected to be rebranded as “early and high growth oversight” when they are fully rolled out later this year.

3. Job done on reforming Listing Rules

Amid concerns over the UK’s declining status as a venue of choice for global IPOs, the Kalifa Review recommended a number of changes to the UK Listing Rules. This included removing restrictions on certain dual-class share structures and reducing the proportion of shares required to be in public hands. Both measures were intended to favour founder-led companies, by allowing founders to retain a greater degree of control after a floatation. The recommendations were echoed in Lord Hill’s UK Listings Review, which was published around the same time. 

The FCA has wasted no time putting these recommendations into practice. By July 2021, it had already launched a consultation outlining its proposals and the changes were finalised and in effect by the beginning of 2022.

Meanwhile, the government has been seeking to amend the prospectus regime, to ensure that it is not overly burdensome for issuers. For example, it is proposing to allow companies to provide forward-looking financial information in certain circumstances, which is expected to be particularly helpful in sectors such as fintech.

Of course, the proof will be in the pudding and it remains to be seen whether these reforms will indeed have the desired effect.

4. No signs of relaxations on merger control

One remark in the Kalifa Review that raised some eyebrows was the suggestion that the Competition and Markets Authority should take a more flexible approach in its merger control assessments. The rationale was that a degree of consolidation would be critical in facilitating the growth that UK fintechs need in order to become global champions.

As we expected, the CMA has not shown any signs of relaxing its controls since then. On the contrary. The CMA has made a number of high-profile investigations in the fintech space, including an inquiry which led it to block the merger of two homegrown crowdfunding platforms, Crowdcube and Seedrs, and resulted in Seedrs being acquired by the US platform, Republic. It is also proceeding with revisions to its rules to make it easier to block tech mergers. Similar trends continue in the EU and US and show no signs of abating. 

5. An encouraging start on foreign trade alliances, though no regulatory recognition

The Review highlighted the importance of facilitating access to international funding and markets, not least given the relatively small size of the UK’s domestic market as well as the recent loss of EU passporting rights for firms regulated in the UK. 

Since then, the government’s Department for International Trade has been busy negotiating a Digital Economy Agreement with Singapore, and it reached an agreement in principle in December. Among other things, the agreement seeks to ensure that UK businesses can continue to sell electronic content to Singapore without facing tariffs, promote interoperability (e.g. through mutual recognition of electronic authentication and digital signatures), reduce restrictions on cross-border data flows and facilitate knowledge sharing. It does not appear to include anything on mutual recognition of regulatory standards, something that would be particularly useful in establishing the UK as an international launchpad post-Brexit. 

The UK Office for Investment has also secured a commitment of £10bn of investment from the UAE into a number of sectors including tech, though the recently established UAE-UK Sovereign Investment Partnership.

6. No single cohesive regulatory strategy

The Review’s very first recommendation was the delivery of a “digital finance package” that would outline a new regulatory framework for emerging technologies. The idea was that this would bring together the regulatory agendas of all the various government departments and regulators under one coordinated strategy, with clear objectives, actions and timescales.

Disappointingly, while we have seen developments across various areas of regulation, we are still awaiting an overarching UK strategy. In many areas (such as the regulation of digital assets), there remains a considerable degree of uncertainty as to the UK’s long-term direction of travel, and a clear strategy would be extremely welcome in the industry. Moreover, a bold statement of direction could play an important role in attracting innovation to the UK.

7. Support for financial market innovation

One of the areas of policy recommended for inclusion in the digital finance package was support for financial market innovation. There have been a couple of promising developments in this area following the report. 

In relation to securities, the government announced that it will work with the FCA and Bank of England to deliver a financial market infrastructure “sandbox”. This is intended to enable firms exploring the use of innovative technologies in the settlement of financial instruments to do so within a more flexible regulatory environment (subject to appropriate protections). The government is currently working with the Bank of England and the FCA to deliver this.

With regard to payments, the Bank of England launched a new model for settlement in central bank money in April. Under this model, a payment system operator can hold its participants’ funds in an omnibus account with the Bank of England and settle transactions between participants in real-time simply by updating the participant balances in the omnibus account. The model is expected to support the development of a range of novel payment systems, including those that may be based on distributed ledger technologies. 

8. Establishing the case for a UK CBDC

In line with Kalifa’s recommendations, the Bank of England has continued to devote significant resource to research and development on issuing a retail Central Bank Digital Currency. In the past few months, it has published the findings of responses to its initial discussion paper, announced that it will launch a formal consultation on the use case for a CBDC in 2022 and begun engaging with various lawmakers and stakeholders. 

Perhaps unsurprisingly, reactions have been mixed. Notably, the House of Lords’ Economic Affairs Committee has been somewhat lukewarm, concluding in a recent report that they “have yet to hear a convincing case for why the UK needs a retail CBDC”.

9. Broad focus on data, but no clear direction on Open Finance

Harnessing the power of data was a prominent theme in the Kalifa Review and we have seen a number of initiatives in this vein. For example, the government has launched an ambitious policy framework on data, run a consultation on digital identities and committed significant funding to data-related initiatives. There has also been a consultation on reforms to the UK’s data protection regime, with a view to making certain departures from GDPR in order to provide more tailored support and supervision of data-driven businesses. The Information Commissioner has indicated that these reforms are intended to create a world-leading regime, which at the same time will not endanger the UK-EU data relationship.

However, it remains unclear exactly where the UK is headed with regard to Open Finance i.e. the initiative to broaden user-driven data sharing within the financial sector. The FCA finally published the findings to its Open Finance Call for Input last March. Among other things, it concluded that there was a need for a legislative and regulatory framework to facilitate Open Finance, but we are yet to hear any specific proposals. 

10. Investors embrace regional development

And finally, a brief comment on dynamics within the UK. The Review recommended breaking up London’s near monopoly on UK fintech by developing a number of regional hubs. Investors have clearly got the memo. Regional investment outside London has increased 237% since 2020, according to new figures from Innovate Finance. The data suggests that investment into fintech in the UK as a whole is also up, but that regional growth rates surpass the national average. This may come as little surprise to some, given broader relocation trends fuelled by the pandemic.

Get in touch

Overall, things broadly seem to be moving in the right direction, though some with more speed and precision than others. We will be keeping a close eye on how all these matters develop over the coming years. Should you have queries, please do not hesitate to get in touch.

Russian Central Bank proposes a ban on cryptocurrencies

As Spain, Singapore and the UK have been taking steps to regulate the rules around advertising cryptoassets (read more), last week the Russian Central Bank took a step further, publishing a consultation paper which proposes a ban on the issuance, use and mining of cryptocurrencies in Russia.

According to the consultation paper, the value of Russian citizens’ transactions with cryptocurrencies has reached $5 billion per year, and Russian individuals have become active users of international online cryptocurrency trading platforms. Following the ban on crypto mining in China, Russia has become one of the global leaders by mining capacity so the proposal has serious implications for the fintech sector.

However, even if the Central Bank manages to push through its position and finally comes up with a draft law addressing all the suggested bans, the Russian legislative process is a rather long and complex one and the results may be quite unpredictable.

The story so far

Russian law officially recognised cryptocurrencies as a legitimate asset on 1 January 2021. It legalised the use of cryptocurrency as an investment tool or a payment method, but at the same time expressly banned Russian legal entities and individuals from advertising and using cryptocurrency as a means of payment inside Russia.

An implementing law which would set out procedures for the issuance and circulation of cryptocurrency in Russia was also expected last year, but its adoption was delayed, largely due to the ongoing debate between various state authorities as to the optimal approach to the regulation (read more in the Russia section of our Fintech Global Year to Come 2022, Year in Review 2021).

What bans are proposed?

In its consultation paper, the Central Bank proposes:

  • to prohibit the issue and/or circulation of cryptocurrency inside Russia (including through cryptocurrency exchanges and the like);
  • to prohibit Russian financial institutions, financial intermediaries and the country’s financial infrastructure from trading cryptocurrencies and creating related financial instruments;
  • to prohibit cryptocurrency mining in Russia; and
  • to establish liability for the violation of the existing restriction on paying with cryptocurrency between Russian nationals inside Russia and of the new proposed bans.

There is currently no plan to ban Russian citizens from holding cryptocurrencies or from trading cryptocurrencies abroad through their offshore accounts, as Elizaveta Danilova, the head of the Central Bank’s Financial Stability Department, said in a briefing. However, the system of regular monitoring of cryptocurrency transactions is likely to be enhanced, including via cooperation with foreign regulators, in order to obtain information about Russian citizens’ operations in foreign cryptocurrency markets.

Key reasoning

The key reasons cited by the Central Bank for introducing these bans are perceived threats to citizens’ wellbeing, financial stability, monetary policy sovereignty and risks of widening of the illegal activities (money laundering, drug trafficking, terrorist financing, etc.) as a result of the growing use of cryptocurrencies. In the regulator’s  opinion, cryptocurrencies show signs of a financial pyramid and their use may eventually lead to the formation of a bubble in the market.

As for cryptocurrency mining, the Central Bank’s view is that it creates unproductive consumption of electric power which threatens the social infrastructure and the implementation of Russian environmental agenda.

The Central Bank also believes that the global trend for growing popularity of cryptocurrencies will soon be reversed against the backdrop of swiftly developing faster payments systems and emergence of central bank digital currencies – from the regulator’s perspective these may represent a better  alternative to the cryptocurrencies as they have many similar advantages such as high speed, convenience, blockchain protection and relatively low cost.

What’s next?

The  proposal represents a view of just one, albeit the key, regulator in the area. The Central Bank position could still face some resistance among other state authorities and lawmakers. For instance, during the last few months there have been quite a few statements by a number of high-ranking Russian officials in the press in support of legalising crypto mining activities which would allow to introduce the respective taxation regime and thereby boost the Russian economy.

Currently the Central Bank proposal is at a very early stage, we have only seen a consultation paper which is aimed at fueling a discussion in the market. We will be following developments closely.

The report says cryptocurrencies are volatile and widely used in illegal activities such as fraud. By offering an outlet for people to take their money out of the national economy, they risk undermining it and making the regulator’s job of maintaining optimal monetary policies harder the report said. The bank, therefore, said Russia needs new laws and regulations to effectively ban crypto-related activities. (CoinDesk)

Global Fintech Trends in 2022

The digitalisation of finance and the opportunities for fintech

The digitalisation of financial products and markets continues apace. As the world struggles to emerge from the Covid-19 pandemic, the financial industry is having to adapt to once-in-a-generation societal changes, and technology is at the heart of its response. As financial services are unbundled and repackaged around a digital architecture, the market has become more competitive. The line between tradfi and fintech has blurred now that insurgents have become mainstream, “traditional” firms operate like tech companies, and tech companies are embedding themselves in the financial ecosystem.

The face of financial services is no longer the high street bank, but the digital marketplace. Representing the platformisation of financial services, these marketplaces are the new hubs for consumers to access products. Increasingly, these products include cryptoassets. New alternative investing platforms give users access to non-traditional asset classes that will not always be clearly within the scope of existing consumer protections, prompting regulators to consider whether existing regulatory frameworks are adequate.

Tackling friction in cross-border payments continues to be a major area of focus, with attention on both improvements to existing infrastructure and the development of alternative rails such as stablecoins and CBDCs. Alternative forms of digital money could present potential solutions to cross-border payments but also raise questions about the future of traditional forms of money and their role in society. The use of data and data protection regulation is also an increasingly pressing issue as the role of AI and machine learning in financial services continues to gain traction.
Another factor underpinning innovation in finance is the growing focus on climate change and the role of sustainable finance and fintech solutions in achieving the immense challenge of transitioning to net zero and carbon neutral solutions. Fintechs need to be mindful of ESG compliance, especially those in the digital asset space given the energy-intensive nature of certain crypto activities.

The fintech sector has proved extremely resilient and is emerging successfully from the pandemic, with a huge amount of activity and interest. All in all, however, there is plenty of work to be done in policy, law and regulation to help both those providing and those utilising financial services navigate the seismic changes ahead.

Record levels of fintech investment and funding

The digital shift has precipitated record levels of funding into digital assets, payments and fintech generally. Global funding to start-ups is at an all-time high with a tsunami of capital flowing into private tech companies. Fintech has also been the big winner in venture capital with one in every five venture dollars going into fintech investments in Q2 2021 . Overall, 2021 saw a flood of fintech innovation capital and, by the end of Q3 20211, global fintech funding reached US$94.7 billion (with 3,549 deals), almost double 2020’s full-year total.

Asia has become a hot spot for fintech deals which reached a record high of 307 deals totalling US$5.9 billion in Q3 2021. The region has seen consecutive quarterly deal growth since Q2 2020, and funding growth since Q3 2020. We are seeing South East Asia tech companies, especially in Indonesia, as a destination for investment money looking to hedge China risk. The US is leading in funding, with levels exceeding the total funding for Asia, Europe, LatAm and Canada combined. In the third quarter of 2021, over 43 new fintech unicorns emerged globally, with the US being home to nearly half of all the total 206 existing fintech unicorns2.

There has been some concern amongst commentators that this fintech boom is a bubble, created by sky high valuations and a fear among investors of missing out on the next big success story. It is certainly true to say that, as in any new and rapidly expanding sector, innovations in fintech face a material risk of failure. However, Fintechs are almost by definition agile and – just as Big Techs are diversifying into finance – are showing the ability not only to disrupt traditional financial services, but also to diversify into broader tech offerings (such as Paypal’s move to combine fintech with social media and e-commerce through the acquisition of Pinterest).

We therefore expect these upwards investment trends to continue into 2022, and for the healthy financing climate to lead to more fintech exits. Yet investors and fintechs will need to take account of geo-politics and the headwinds brought about by the prospect of a regulatory reset for the digital economy. It remains to be seen how long the heat in the market can be sustained as the impact of new policies and regulations, such as antitrust attention on control of data, and new/enhanced foreign investment regimes focused on the tech sector, start to bite.

1 Source: State Of Venture Q2’21 Report – CB Insights Research

2 Source: State Of Fintech Q3’21 Report – CB Insights Research

The global regulatory reset impacting fintech – financial services, antitrust and data

One of the most striking interventions in the digital economy in 2021 has been in China, which has turned the tide on Big Tech with a regulatory squeeze using various of the regulatory levers at its disposal. What started as regulatory scrutiny in consumer finance has quickly moved into the antitrust space and cryptoassets. More recently, the focus has been on the interoperability of apps (within SuperApps), data flows and whether platforms should be broken up.

While the China clampdown is impacting domestic investment, it is also creating opportunities in India and South East Asia which is accommodating those leaving China’s markets or looking to diversify. Singapore, in particular, is experiencing growth as a “hub”. With support from the regulators, South East Asia is also seeing growth on digital banking.

The US is also experiencing a reset. Witness the changing tides of sentiment against US tech giants and new Biden appointees shaping the digital asset market, which has become too large to ignore. US regulators across the board have been resorting to regulation by enforcement and are also starting to think about specific regulatory frameworks for tech. Centralised finance is moving towards banking regulation but the explosion in DeFi, crypto, NFTs and stablecoins is presenting a regulatory challenge.

Consumer protection is also going up the regulatory agenda in both the EU and the UK but with more of an evolutionary than revolutionary approach as they look to foster safe and trustworthy innovation, building on existing strong regulatory frameworks and guidance. The EU has put out various specific proposals which we expect to see progressed in 2022, whilst post-Brexit the UK is still taking its time to find the right balance between addressing emerging risks and supporting innovation.

Blurring lines between crypto and mainstream financial markets

Markets in “first generation” cryptoassets like Bitcoin and Ether are continuing to expand rapidly. At the same time the range and complexity of digital assets is also growing, with the rise of Decentralised Finance (DeFi), Non Fungible Tokens (NFTs) and projects to digitise or tokenise traditional asset classes, from financial instruments to cash to real estate.

A notable trend is that institutional exposure to digital assets as a distinct asset class has been increasing significantly and is expected to continue to do so. Exposures may come in a variety of forms, such as direct trading, trading in derivative and related products, portfolio investment, integration of digital assets within service offerings and investment in digital asset market players.

Alongside this, the use of novel technologies, such as blockchain and distributed ledger technologies, to digitise assets and automate processes in traditional financial markets, continues to gain momentum. While many of these projects still involve a high degree of centralisation, increasingly greater degrees of decentralisation are being considered, including deployments on public blockchains.

The crossover between decentralised and traditional markets and related contagion risks will be of particular concern for policymakers. For example, the financial stability consequences of a crash in the price of Bitcoin are all the more significant if the crypto market is highly integrated with the traditional financial sector. Likewise, as DeFi arrangements continue to grow and gain institutional backing, the need to close regulatory gaps in this area becomes more pertinent.

Across the globe, regulators are considering how best to regulate the expanding spectrum of digital assets in order to tackle financial crime, protect investors and mitigate systemic risks while at the same time supporting innovation. The answers are not straightforward. Regulatory approaches continue to be bolstered, refined and clarified and we expect this trend to continue into 2022.

Payments and the future of money

With the pandemic having turbocharged the payments revolution, innovation in payments will continue to drive greater convenience, lower costs and increasingly frictionless instant payments. This innovation will be led by digital marketplaces which are benefitting from society’s move to online shopping and which, in response, are investing more in their payments infrastructure. Meanwhile new payments products, such as buy-now, pay-later, will aim to embed the BNPL model in anticipation of future regulatory scrutiny.

Innovation has resulted in more choice for consumers in the way they make and manage payments, from APIs and Open Banking, to QR codes, e-money, digital wallets and BNPL. Competition between payment service providers, and the technology firms and digital marketplaces, will drive further innovation but also put pressure on business models. Many of these providers are reliant on each other as payments chains become more complex, increasing the potential for legal disputes between contracting parties.

Innovation is not limited to the private sector. An increasing number of central banks have now launched or begun piloting a CBDC. Ironically, many of the more economically developed jurisdictions have reached less advanced stages, as they take their time to consider the use case, potential implications and design. There has been a significant amount of cross-border collaboration between many of these jurisdictions to develop common frameworks and to try to ensure that different domestic CBDCs can interoperate with one another.

Potential issuers of systemic stablecoins await clarity from regulators as to the proposed regulatory framework. It remains to be seen whether regulatory proposals will be compatible with a commercial stablecoin proposition. Meanwhile Asian countries are forging ahead with other innovations and we expect to see more projects such as the Singapore and India linkage of real-time payment services through mobile phone numbers and UPI virtual payment addresses.

Data governance, cyber and innovation – an increasingly complex matrix

Regulators in major markets are adopting divergent approaches as they seek to strike the right balance between incentivising effective risk management and not stifling innovation.

The EU’s first-mover proposals for an AI-specific regulation have provided a benchmark for a comprehensive, risk-based approach. As things stand, there are some concerns that the calibration to risk approach and the broad categories of high-risk activity could stifle innovation and even create barriers to the adoption of AI in the EU. However, the proposed regulation has a long way to go and will need to pass through the EU’s legislative machine – where material changes could still be made – and will then apply two years after it is adopted. This means any new obligations are unlikely to start to apply before 2024.

The UK’s own approach to regulating AI is evolving, as it considers a “light-touch” regulatory framework to foster innovation, At the same time it is also considering deviations from EU standards for data protection again to support innovative tech. China has responded to GDPR with a similar, but sometimes more stringent, data protection regime, as well as making its own proposals on global standards for AI. Data protection and cyber rules are proliferating in the US, as well as increasing enforcement against digital platforms.

Several markets are also following the lead of the UK and EU in issuing wide-ranging operational resilience requirements. This broad range of unharmonised international requirements will place increasing pressure on financial institutions to focus resources on the increasingly complex interaction between the technology, risk, compliance and procurement functions.

Innovation leading to increasing enforcement and litigation risk – particularly with respect to crypto

Greater consumer adoption of new financial technologies means that regulators are even more focused on taking steps to ensure both they and firms mitigate the risk of consumer harm. But many novel financial product and service offerings don’t neatly fit into the existing regulatory and legal frameworks. These products and services seem to pose greater inherent risks than traditional financial service products: for instance, with some products (e.g. crypto) being far more volatile and vulnerable to market manipulation/scams/being used for financial crime. When combined with the fact that many of the companies offering these products are young and have relatively immature compliance frameworks, there is a recipe for future regulatory investigations, potential enforcement and litigation.

This is especially the case as regulators’ expectations of what companies will do is rising across many subject areas: from preventing financial crime to transparently and fairly processing personal data, from acting more in consumers’ interests to acting responsibly when it comes to topics like ESG and D&I. And, where the risk of civil claims, either class actions or individual, is increased by the availability of litigation funding in many jurisdictions, this has in turn fuelled creativity in how civil claims are formulated and pursued.

In the US, the popularity of cryptocurrencies and the volatile market have attracted the attention of federal and state agencies in recent years. The Securities and Exchange Commission (SEC), Commodity Futures Trading Commission (CFTC), Internal Revenue Service (IRS), Financial Crimes Enforcement Network (FinCEN), and the New York State Department of Financial Services are among the agencies that regulate the use of cryptocurrencies. Governmental investigations and enforcement actions are typically based on allegations of fraud, misconduct, money laundering, and compliance with securities laws.

While regulators struggle with how to best bring about enforcement, cryptocurrency users are not waiting around. They are suing. Cryptocurrency users are exercising their rights under existing federal, state and contract laws to recover damages. They can do this because much of the malfeasance in cryptocurrency markets is not novel, just repackaged. Private litigation, i.e. enforcement by people rather than regulators, has thus far addressed three general issues in blockchain breakdowns: (i) “traditional” securities fraud; (ii) initial coin offering (ICO) failures; and (iii) platform disruptions.

On the civil side, investors are also bringing lawsuits claiming fraud, market manipulation and violation of securities laws. Complaints alleging breach of contract, intellectual property infringement, trade secret misappropriation, and others have also been increasing.