In Short

The Situation: In February 2018, Germany's Federal Financial Supervisory Authority ("BaFin") published an advisory letter on the classification of tokens as financial instruments, which was widely criticized for being too vague.

The Result: Members of BaFin's department of financial technology innovations recently authored and published an article that responds to this criticism and further elaborates on the classification of tokens from a regulatory perspective.

Looking Ahead: While BaFin sets forth its view on the applicability of the existing general legal framework to tokens, the German government aims to promote a specific regulatory framework on a European and global level for the offering and trade of cryptocurrencies and tokens.

What Are the Different Types of Tokens?

Tokens—whether or not issued in connection with an initial coin offering ("ICO")—are created using blockchain technology and can have various features and functionalities. Although an advisory letter that BaFin published on February 20, 2018 (Ref. no.: WA 11-QB 4100-2017/0010, the "Circular") remained silent on any possible categorization of tokens, an article titled "Blockchain Technology—Thoughts on Regulation," published in the biannual series BaFinPerspectives on August 1, 2018 ("BaFin article") distinguishes among the following categories:

  • Payment tokens, used as means of payment, or traded and exchanged for traditional and virtual currencies on specialized trading platforms;
  • Equity (or investment) tokens, conferring membership rights or shares in the issuer's future revenues, similar to shares or debt securities; and
  • Utility tokens, used for the purchase of services or goods that the fundraiser develops.

In practice, many tokens are of a hybrid nature ("hybrid tokens") combining elements of more than one of the above categories; for example, utility tokens often contain features of an equity token or payment token.

What is BaFin's Approach with Respect to the Classification of Tokens?

BaFin does not prohibit ICOs or the trading of tokens in Germany. However, based on the specific features of the individual token, the offering or dealing in tokens may involve a prospectus requirement, an authorization requirement, and/or be subject to certain trading regulations. The question of whether—and to what extent—a token is subject to regulation in Germany depends on the design of the token (in particular, the rights and obligations associated with it) and is assessed by BaFin on a case-by-case basis.

How are Payment Tokens Classified?

For several years, BaFin has considered Bitcoin and similar payment tokens to be "units of account" ("Rechnungseinheiten") and therefore as "financial instruments," as interpreted by the German Banking Act (Gesetz über das Kreditwesen, "KWG"). Accordingly, dealing with, or rendering financial services in connection with, payment tokens might entail a licensing requirement pursuant to the KWG.

How are Equity Tokens Classified?

Tokens possessing rights similar to shares or debt securities might qualify as "financial instruments" within the meaning of the German Securities Trading Act (Wertpapierhandelsgesetz, "WpHG") and Directive 2014/65/EU on Markets in Financial Instruments ("MiFID II"), in particular as a "security." In this context, it is important to note that the concept of "financial instrument" under the KWG is different from the one under the WpHG. To qualify as a security within the meaning of the WpHG, a token must: (i) be transferable; (ii) be tradable on a financial or capital market; (iii) embody shareholder rights or creditor claims or claims comparable to shareholder rights or creditor claims; and (iv) not meet the requirements of a payment instrument.

For the differentiation between equity tokens qualifying as a security and pure utility tokens that are not subject to any regulatory requirements (see below), the requirement "embodied shareholder rights or creditor claims or claims comparable to shareholder rights or creditor claims" is the most important one. While the Circular had remained silent on the exact application of this requirement, the authors of the BaFin article have stated that the line must be drawn between financial instruments (security) and instruments that primarily need to be attributed to the real economy (no security).

Similar to the ICO guidelines that the Swiss Financial Market Supervisory Authority ("FINMA") published on February 16, 2018, the BaFin article states that an attribution to the real economy is questionable, in particular if the promised goods or services may not yet be purchased at the time the token is issued. In this case, whether the promised functionality will materialize in the future depends on the company's efforts. Accordingly, the token primarily serves financing purposes and therefore might be qualified as a security instead.

The U.S. Securities and Exchange Commission ("SEC") recently took a similar position in its report published in July 2017 on the ICO of the German startup "The DAO," in which the SEC came to the conclusion that the underlying tokens qualify as securities within the meaning of U.S. securities laws. Subsequently, various U.S. companies (such as Protocol Labs, Inc., which raised US$257 million during its FileCoin ICO in 2017) structured their fundraising in two steps in order to avoid tokens being issued before they can be used for consumption. In the first step, Simple Agreements for Future Tokens ("SAFTs") are concluded, by which accredited investors acquire the right to purchase future tokens once the network is fully developed and launched. The token emission itself is deferred until the platform is eventually completed and the tokens have "utility," i.e. may be used for the purchase of the goods or services developed by the issuer. However, the SAFT framework has given rise to concerns, including whether it satisfies U.S. securities laws or even creates greater risk under them.

Tokens qualifying as a "security" within the meaning of the WpHG are subject to capital market regulations applicable to securities, in particular prospectus requirements pursuant to the Securities Prospectus Act (Wertpapierprospektgesetz, "WpPG") or, as of July 21, 2019, the EU Prospectus Regulation (EU) 2017/1129 ("Prospectus Regulation") and trading regulations in accordance with WpHG and MiFID II (e.g., market abuse regulations such as the prohibition of insider trading). Further, depending on the specific business model, an BaFin's authorization under the KWG may be required as well.

In view of prospectus requirements, an intervention of the European legislator might be desirable: The current prospectus regime, including the one contemplated by the Prospectus Regulation that will be applicable as of July 2019, does not address the specific information needs of ICO investors. Accordingly, the European legislator should take the opportunity to complement the Prospectus Regulation by requiring blockchain-specific information providing answers to, for example, the following questions: How does the decentralized business model work? What is the underlying blockchain technology? Have the relevant smart contracts been audited? Which rights are associated with the tokens? On which secondary markets will the token be tradable, if at all? Which regulatory provisions apply?

How are Utility Tokens Classified?

Issuers who want to avoid being subject to any regulatory requirements usually claim their tokens to be "pure utility tokens." According to the Article, pure utility tokens entitle their owners exclusively to the acquisition of a real economy service or good and not to any financial compensation. Such pure utility tokens are usually not subject to any regulatory provisions. However, as stated above, utility tokens tend to have a hybrid nature and often combine elements of equity or payments tokens as well. For example, if a utility token also serves as a means of payment, it is likely to be qualified as a "unit of account" and therefore as a "financial instrument" within the meaning of the KWG. According to the BaFin article, it needs to be ascertained first whether the token qualifies as a payment token or as an equity token. Only if such assessment is negative would BaFin assume that the token qualifies as a pure utility token that does not entail any regulatory consequences.

Three Key Takeaways

  1. Although the BaFin article of August 2018 provides some additional clarity as to the regulatory classification of so-called "utility tokens," companies envisaging an ICO should seek legal advice in order to avoid any risks.
  2. Participants should allow sufficient time for contacting BaFin to clarify questions relating to the applicability of regulatory requirements.
  3. Legislative initiatives and administrative practice in view of ICO and token regulation are likely to evolve, so market participants should closely monitor further developments.