HODL as crypto regulation could go to the moon

HODL, or "hold on for dear life", and "going to the moon" are expressions widely used in the crypto space. Some of the proposals in three recent papers on regulating crypto, ICOs and DLT in the UK and Europe could lead to very different meanings for HODL and going to the moon! In this briefing, we will summarise the three papers and make some predictions about how the regulation of crypto assets, ICOs and DLT in the UK and Europe could play out.

Introduction

Three important papers from the UK Treasury Select Committee, ESMA's Securities and Markets Stakeholder Group (SMSG) and the UK Cryptoassets Taskforce have been published in recent weeks, setting the future course of regulation of crypto assets, initial coin offerings (ICOs) and distributed ledger technology (DLT) in the UK and Europe.

UK policymakers seem more inclined than their EU counterparts to create a clear yet flexible framework to regulate crypto asset activity, without stymieing innovation. This is critical if the UK is to maintain its badge as the FinTech Capital of the World. Conversely, the approach suggested by the SMSG could hamper innovation by imposing complex and costly compliance and regulatory requirements on firms within the EU's net. It will be interesting to watch how this plays out in the context of Brexit, as it is potentially the first case of UK financial services policy diverging from that of the EU.

It is also encouraging that the UK regulators and HM Treasury recognise the range of possibilities DLT may unlock and the potential for the UK to become a global centre for crypto business and innovation provided a proportionate regulatory framework which enshrines high standards and builds legitimacy can be implemented. Future regulation is an opportunity to be welcomed; below we set out some predictions for UK crypto regulation in 2019 and recommend some principles which should guide UK regulators in achieving their aims.

Our 10 Predictions

1. Regulation is coming. This is an easy one – but we'll take it! The papers confirm that regulation of crypto assets in the UK and Europe is inevitable and will be implemented sooner rather than later. UK and European regulators will publish at least four consultations by year end or early next year. The outcome of these will shape what form regulation will take.
2. Crypto assets will be divided into three categories; the UK will regulate one, "Europe" may try to catch everything. We think there will be three types of crypto assets in the UK, resembling the approach of the Swiss regulator. The UK will regulate security tokens (which offer rights equivalent to voting power or equity in companies) by adding them to the list of regulated investments, meaning they will be treated the same as shares etc. Payment tokens and utility tokens will remain unregulated, save perhaps for the financial promotion regime and prospectus rules (see paragraph 6 below). Europe will regulate all token offerings, except plain vanilla utility tokens.
3. There will not be an outright ban on crypto derivatives. There is a suggestion that the FCA will use its product intervention powers to ban derivatives where the underlying is a crypto asset given the volatility of crypto assets. We do not think this will happen. There is already a 2:1 leverage limit on crypto CFDs and other measures recently introduced by ESMA to protect retail investors who buy CFDs. It would be worthwhile giving time to see how the new product intervention rules and MiFID product governance rules are applied first. Placing a ban on crypto derivatives will not prevent retail clients going elsewhere to buy the underlying assets; regulators cannot control the volatility.
4. Many utility tokens will fall within the scope of regulation. UK and European regulators will publish clearer (hopefully!) guidance on what they consider to be security tokens and utility tokens. This will broaden / clarify the regulatory perimeter and mean many more ICOs will be regulated token issuances.
5. A new regulated activity of "Operating a crypto [business]". The UK will introduce a new regulated activity of "Operating a crypto asset [business]". This will be a light touch regime initially along the lines of the peer-to-peer lending regime and will regulate crypto exchanges and wallet providers. This approach will lead to a proportionate increase in regulation to protect consumers, but will not be as onerous as adding all crypto assets to the list of regulated investments (like we expect security tokens to be). Adopting the latter approach would be disproportionate at present, but Europe could well take this approach and this will make the UK more appealing as a crypto hub.
6. Marketing of crypto assets subject to financial promotion regime. The UK will extend the financial promotion regime to the offering or promotion of any crypto assets (save, perhaps, for pure utility tokens). This would mean tokens could only be promoted to exempt persons, unless the marketing communications are approved by an authorised person and comply with the FCA's financial promotion rules. Industry might be able to lobby the FCA to include the "10% restricted investor" category that the FCA permitted for the crowdfunding regime. The UK will clarify the extent to which the Prospectus Rules will apply to crypto assets; they will definitely apply to security tokens.
7. The UK will gold plate MLD5 and implement it early in H1 2019. Regulators are determined to dispel the historic association of crypto assets with the black market. The fifth anti-money laundering directive (MLD5) will be implemented as an urgent priority in early 2019 which will impose the same anti-money laundering standards for crypto assets as they currently exist for other financial products. The UK will go beyond the requirements of MLD5 to create a gold standard for its crypto industry and industry participants should expect this to become the global standard in the future. Those exchanges which already comply with MLD standards on a voluntary basis will have a first mover advantage and are well-placed to benefit in this regard.
8. A new market abuse regime in the UK. What approach will be taken to tackle market manipulation is an open question, but it is one which really keeps regulators up at night. At one extreme, ESMA has recommended bringing crypto assets within the full scope of MiFID II rules and reporting, and the Market Abuse Regulation. This brings with it significant ramifications that could kill off the crypto market or force it further into the dark web. We believe the UK will amend the list of controlled investments in the Financial Promotion Order to include crypto assets. This would serve the dual purpose of applying the financial promotion regime to such assets and extending the criminal sanctions for market abuse (misleading statements and impressions) to give the FCA powers to bring criminal actions against those who commit abuse.
9. There will not be a transitional period. Firms (regulated and unregulated) will have to apply to the FCA for the new permissions. Existing regulated firms should have it easier as a variation of permissions is more straightforward than a new application altogether, but all firms will have to demonstrate how they adhere to the new standards and protect customers. This will include details of IT security reviews.
10. DLT is here to stay. The papers acknowledge the potential of DLT to change aspects of financial services for the better. We are already seeing the seeds of change, but DLT is still two or three iterations off that eureka moment. DLT will develop a multiple private networks which will, eventually, interact with each other at appropriate times. DLT providers will remain outside the scope of regulation… for now.

Recommendations

We now detail our recommendations for how the UK should approach the regulation of the crypto sector:

• Constructive regulation; Many of the UK policymakers' principal concerns are the risks traditionally associated with a young, developing market. Sensible regulation can itself ameliorate many of these concerns and usher crypto into a more mature market stage. For example, the price volatility of crypto assets, rather than betraying a lack of "market fundamentals", is largely a symptom of low liquidity, as well as low transparency and market arbitrage. If legitimised by regulation, larger institutional players could enter the market, and the consequent greater levels of liquidity would stabilise prices. Similarly, insurers would be more able to collaborate with the sector to control and contain the risks associated with hacking. Future regulation is therefore an opportunity to be welcomed, and should be formulated according to the following principles:

• Building a badge of legitimacy; It is sensible to tackle financial crime and AML concerns strongly and as an urgent priority, so as to create a trusted and trustworthy reputation for UK-regulated crypto exchanges and issuers. Exchanges and issuers should be held to the highest international standards (such as MLD5) in this regard.
• Efficiency; The market is dynamic and internationally footloose. The experience of New York's BitLicense and Japan's regulated exchanges shows that the licensing / approval process for UK exchanges and issuers needs to be collaborative between regulators and exchanges / issuers and, where possible, quick, in order to avoid firms migrating elsewhere. Smaller jurisdictions such as Malta have set themselves up to capitalise on such cases.
• Light-touch starting point; Bringing the sector within the FCA's remit is a good starting point. The FCA should use its new remit to build its knowledge of the sector by using its monitoring and investigatory powers, and should intervene where it is clearly necessary to protect consumers and the markets. This regulatory oversight should give sufficient comfort that the market can be allowed to develop organically in a relatively light-touch environment, and any further development regulation can be implemented in a piecemeal manner as required.
• Awareness of the unique characteristics of crypto assets; Crypto assets are not easily categorised under the existing definitions of traditional financial instruments and the rapid technological innovation in the sector means that new forms of token and new use cases are being developed on a weekly basis – a rate of innovation not seen elsewhere in the financial sector. The old model of updating major regulation every decade or so to capture new products will not work for crypto; regulation needs to be flexible and adaptable from the outset. For example, crypto assets should not be classified into binary (regulated or unregulated) categories but according to a graded scale which recognises the variety of features they may have and functions they may perform in the future. A proportionate degree of responsibilities could then be attached accordingly.

The markets for crypto assets also have unique features, particularly in relation to market abuse, and therefore moving crypto wholesale into the same regulatory framework as mature markets such as securities (as ESMA has suggested) risks transplanting an overly heavy-handed regime. This would be unworkable and could risk discouraging innovative technologies from issuing on exchanges in the UK. Alternatively, a proportionate and flexible crypto-specific regime which enhances market integrity could become a significant competitive advantage for the UK crypto industry.

The report concerns the committee's digital currencies inquiry, which was launched in February 2018. The report called for the "wild west" – widely criticised as being an unhelpful title in an otherwise comprehensive and pragmatic report - of crypto exchanges and ICO issuers to be brought within the regulatory perimeter as a matter of urgency. The report cited price volatility, hacking vulnerabilities, minimal consumer protection, and anonymity aiding money laundering as key concerns. It questions what it termed as an ambiguous stance by the UK Government and regulators.

It maintains that crypto assets are extremely risky for retail investors. The report states that even at their late-2017 peak, crypto assets accounted for just 1 per cent of global GDP. On this basis and given the negligible links between the sector and other institutions, the Committee finds that crypto assets do not present a systemic risk to the financial system. The report strikes a pessimistic tone regarding the potential of crypto and blockchain technology to deliver fundamental and disruptive changes in financial services.

Aware of the historic association of crypto assets with the black market, the Committee report investigates the money laundering concerns associated with crypto assets. The report identifies the "on/off ramps" as the key areas where standards and checks are to be enforced (in part due to the difficulty tracking assets and identities once within the crypto perimeter). The report refers to MLD5 which will require crypto asset exchanges to comply with anti-money laundering and counter-terrorist financing rules.

In relation to ICOs, the Committee views these as securities issuances in all but name; it is dismissive of attempts to distinguish "utility tokens", and characterises ICOs broadly as exposing "a regulatory loophole that is being exploited to the detriment of ordinary investors". Prospective ICO issuers should expect the future regime to closely resemble that which exists for securities issuances. It remains to be seen whether exemptions will be available for genuine "utility" or currency-like tokens; however, the tone of the report suggests that UK regulators currently regard these categories with scepticism.

The key recommendations in the Committee report are:

• UK Government and regulators should evaluate the risks of crypto assets, and assess whether their growth in the UK should be encouraged;
• the consultation process for MLD5, which is currently not planned to finish until the end of 2019, should be expedited; and
• the regulation of crypto assets and associated activities should be introduced by extending the Regulated Activities Order, and the Government should consider what "activity" related to crypto assets should be specified in the RAO and the potential impact of this introduction.

SMSG report

ESMA published an own initiative report produced by its SMSG (Securities and Markets Stakeholders Group) on ICOs and crypto assets. This report sets out the SMSG's advice to ESMA in relation to crypto assets. The proposals go further than any other established regulator to date, except those who have imposed outright bans.
The report focuses mostly on the risk to investors and shows the results of a fact finding exercise. It looks at payment tokens, utility tokens and hybrids in turn and gives an overview of recent ICOs and market developments in relation to crypto assets. It makes some not so startling recommendations to ESMA in relation to the regulation of crypto assets, namely seeking clearer guidance on certain MiFID definitions.

ESMA should act in relation to cryptocurrencies

SMSG looks at the benefits and risks of payment utility tokens and asset tokens in turn. It comments that many payment tokens are not used as payment instruments but as speculative investments, posing significant investor protection concerns. Payment tokens are said to be prone to price fluctuation, high volatility and resulting value risk. Other concerns in relation to payment tokens are the lack of centralisation and the concentration of ownership of the underlying technology. Risks associated with utility tokens include counterparty and performance risk, as well as market abuse risk where there is a secondary market for utility tokens.

Coverage of crypto assets by existing regulation

In this section, SMSG is keen to consider whether a crypto asset should be covered by regulation. It notes that most crypto assets are covered by the Unfair Commercial Practices Directive. In considering whether regulation is needed, SMSG looks at: whether the asset gives the owner an entitlement against the issuer and whether this entitlement is in kind or monetary; whether the asset is transferable; whether, if scarce, how the scarcity is controlled; and whether it gives decision-making power on the project of the issuer. It argues that there are some aspects which would invite the applicability of MiFID, the Prospectus Regulation and the Market Abuse Directive.

• Payment Tokens. The SMSG concludes that payment tokens are not currently covered by MiFID II, the Prospectus Regulation nor the Market Abuse Regulation but notes that a number of transferable payment tokens are increasingly considered as investment objects.
• Utility tokens. SMSG draws a distinction between transferable and non-transferable tokens, arguing that the latter should not be covered by MiFID II, Prospectus Regulation or the Market Abuse Regulation.
• Asset tokens. SMSG states that the test of whether the asset tokens should be covered by applicable legislation centres on whether they are financial instruments for MiFID purposes and MAR, or transferable securities for the purposes of the Prospectus Regulation. Where the asset token gives right to a financial entitlement, the SMSG is of the opinion that they represent the features of either bonds or shares. Where the asset token gives right to an entitlement in kind, and the holder is afforded decision-making power into the project, the SMSG argues that the asset token possesses important characteristics similar to shares. Furthermore, where they are transferable, ESMA considers there is a good case for them to be deemed transferable securities subject to MiFID II and the Prospectus Regulation.

The most interesting and perhaps controversial part of the report is where SMSG asks ESMA for Level 3 guidance to promote supervisory convergence in the following areas:

• the interpretation of the MIFID definition of "transferable securities", and clarifying whether transferable asset tokens which have features typical of transferable securities are subject to MiFID II and the Prospectus Regulation;
• the interpretation of the MiFID definition of "commodities", as this concept is crucial to determine whether an asset token with features typical of a derivative is a MiFID financial instrument or not;
• the interpretation of the MTF and OTF concepts, clarifying whether the organisation of a secondary market in asset tokens which qualify as MiFID financial instruments is an MTF or an OTF;
• the fact that when issuers of asset tokens are to be considered to organise an MTF or an OTF in accordance with the above, MAR applies to such MTFs and OTFs; and
• the fact that in all situations where an asset token is to be considered a MiFID financial instrument, persons giving investment advice on those asset tokens or executing orders in those asset tokens, are to be considered investment firms, which should have a licence as such, unless they qualify for an exemption under MiFID II.

The proposals would bring Bitcoin and any other tokens that are transferable, or offer financial entitlements or decision making power, within the scope of MiFID II, the Prospectus Regulation and the Market Abuse Regulation. This would mean firms carrying on any form of investment services in relation to these regulated tokens would have to be regulated as investment firms, exchanges would have to become regulated trading venues and all firms would have to comply with pre and post-trade transparency requirements, among the raft of other regulations that MiFID II entails.

None of this is a bad thing in principle, but the SMSG's suggestion potentially casts the net far too widely and will stifle innovation. There is little point in a token riding on a distributed ledger system that cannot be transferred or distributed. Either this defeats the purpose of DLT itself, or it allows the issuers to create a wheeze to avoid regulation.

Cryptoassets Taskforce - final report

The Cryptoassets Taskforce (comprising HM Treasury, the Financial Conduct Authority and the Bank of England (the authorities)) was launched by the Chancellor of the Exchequer in March 2018 and this report provides an overview of crypto assets and DLT. It assesses the associated risks and potential benefits of crypto assets and contains a number of recommendations and proposals. In terms of observations, it offers few ground-breaking insights, except perhaps in questioning the scope of the proposed EU anti-money laundering regulation targeted at this area. Crucially, the report sees the risks of consumer harm and market integrity as lesser concerns when considered against the risk of the illicit use of crypto assets.

The report indicates that regulation is coming, and quickly (potentially before the end of 2018). The most noteworthy suggestion in the report is the use of the FCA's product intervention powers and the suggestion that these should be used to ban financial instruments like derivatives where the underlying is a crypto asset. This would have a significant effect on many firms that have widened their offerings to include these types of products and is akin to using a sledgehammer to crack a nut. Retail CFD providers are already subject to ESMA's product intervention powers and banning crypto derivatives will merely force customers to unregulated exchanges, where they have no regulatory protections whatsoever.

Crypto assets background

The report notes that the UK is not a major market relative to the global crypto asset markets and comments that crypto assets are not widely used in the UK. It considers that the crypto assets deliver benefits but pose significant risks, especially to consumers, market integrity and financial crime, while posing little risk to financial stability. The report states that the authorities are keen to encourage innovation while at the same time maintaining the UK's reputation as a safe and transparent place to do business.

The Taskforce considers there to be three broad types of crypto assets: exchange tokens, security tokens and utility tokens. It notes that crypto assets are usually used as a means of exchange, for investment, and to support capital raising and/or the creation of decentralised networks. Maintaining the stance adopted by regulators, the report states that while crypto assets can be viewed as exchange tokens, they are not to be considered currency or money. It goes on to note that crypto assets are not widely used as a means of exchange in the UK.

The report sees key opportunities from ICOs as supporting competition and innovation, and improving efficiency by making the capital raising process cheaper and more streamlined, especially for smaller issuances. The report also notes that ICOs address financing gaps for high risk early stage projects. The report states that developers and issuers are most likely to benefit from this, owing to the ease with which they can access new and existing capital.

DLT

The reports notes the "technologically neutral" stance adopted by the authorities to regulating DLT and states that they will continue to support innovation in this area. The report acknowledges that DLT has the potential to deliver significant benefits and there are no regulatory barriers to the adoption of DLT. The report claims that the UK is an emerging leader in DLT and outlines the potential benefits of DLT. It also considers the potential barriers to DLT being adopted more widely, including: interoperability of systems; competition issues; legal challenges; settlement finality; governance challenges; banking relationships; and awareness and understanding.

The report refers to financial services regulation and the respective roles of the FCA and the PRA in consumer protection, market integrity, and promoting competition, as well as ensuring safety and soundness. It refers to the regulatory perimeter which consists of specified activities and investments defined in the Financial Services and Markets Act 2000 (Regulated Activities) Order (RAO), and other legislation such as the Payment Services Regulations 2017. The report then presents an analysis of how the current regulatory perimeter applies to activities related to crypto assets, noting that the application of the rules can only be decided on a case-by-case basis. The report comments that the crypto asset market is a new, fast-paced market with complex and opaque products, making it difficult to determine whether a crypto asset should fall within the regulatory ambit.

Other considerations for regulated firms raised by the report include: the FCA Principles for Business (notably those relating to adequacy of systems and controls, being open and co-operative with the FCA and adequacy of financial resources); the Senior Managers and Certification Regime; Systems and Controls Provisions; and the Financial Promotions rules.

Risks of financial crime

Unsurprisingly, the report refers to the UK government's 2017 National Risk Assessments of Money Laundering and Terrorist Financing (NRAs), which concluded that associated risks with money laundering and terrorist financing were low but there was an increasing number of cases of crypto assets being used to launder proceeds of offline crime.

The report also refers to other risks to consumers, notably cyber crime and the increased vulnerability of wallets and exchanges to cybercriminals. Indeed, the report comments that the rise of "crypto-jacking" - the use of a victim's computer processing power to mine for crypto assets - is now viewed as one of the leading malware threats.

More significantly, the authorities realise that current legislative initiatives, most notably MLD5, do not go far enough. MLD5 aims to bring fiat-to-crypto asset exchange firms and custodian wallet providers within the scope of AML / CTF regulation but does not address all the crypto-to-crypto exchanges and other providers. Accordingly, the authorities set out proposals to plug this gap by going "significantly beyond" MLD5.

 Authors:  Bradley Rice - Senior Associate, Patrick Keenan - Associate, Bisola Williams - Expertise Legal Manager