Banking & Finance Eurozone Hub
Our Expertise Banking & Finance
European Securities and Markets Authority (ESMA) issues warnings on Initial Coin Offerings (ICOs)
What does this mean for investors and firms involved in ICOs?
ICOs come in different sizes and forms. They also offer different risk exposures to different business models across different jurisdictions and their legal systems. The concept of an ICO, building upon the term "initial public offering" or "IPO" has been understood by some to be akin to the issuance of traditional financial instruments and the securities laws that underpin these. However, in stark contrast to securities regulation, the regulation of cryptocurrency coins or tokens (for purposes herein cryptocurrency) and their offering via ICOs are not subject to uniform standards of how these are structured, offered and supervised across EU Member States or the global level.
This has caused a number of supervisory policymakers in those jurisdictions, including at the EU1 and global level, to issue warnings. Concurrently these policymakers continue to issue supervisory consultations and even guidance on how to police these products, how to participate in those products and which standards to use. The topic of FinTech driven disruption is well reported. It has now begun to drive policymakers to act to protect but also to provide the right balance of pragmatic and proportionate policy to nurture FinTech and cryptocurrency. Having safer and more uniform standards in FinTech is seen by a number of stakeholders, including cryptocurrency and FinTech users as a pre-requisite for such technology to undergo a further coming of age.
This Client Alert provides an overview of ESMA's two short ICO Warning Statements released on 13 November 2017. It discusses how the two statements fit in to the string of supervisory communications of the national supervisory authorities that make up the EU's European System of Financial Supervision (ESFS). Finally, it considers the impact on cryptocurrency stakeholders and the future of ICOs.
Two papers, two stakeholder groups... common cryptocurrency risks?
ESMA has released two Warning Statements:
1 See our recent coverage on:
the BCBS Consultative Document on FinTech available here:
the EBA's FinTech Discussion Paper available here:
ESMA 50-157-828: "ESMA alerts firms involved in Initial Coin Offerings (ICOs) to the need to meet regulatory requirements"2 that is aimed at those involved in ICOs (the General ICO Warning Statement); and
ESMA 50-157-829: "ESMA alerts investors to the high risks of Initial Coin Offerings (ICOs)"3 that is aimed at actual and potential investors in ICOs as well as holders of cryptocurrency (the Investor ICO Warning Statement).
Both ICO Warning Statements are compact in length. Although they are written for two different stakeholder groups in mind, they build upon one another and should thus both merit consideration. Both refer to ICO specific risks. These emanate from the nature the way an ICO is structured and the capital raising may not comply with applicable EU legislative and regulatory standards.
The General ICO Warning Statement is addressed to "firms involved in ICOs". However, this reference is not defined rather it is vague and designed to be 'agnostic'. Building upon this 'jurisdiction, transaction and sectorial agnostic' approach, ESMA reminds such firms, for purposes of conducting business involving the EU, that a regulatory risk exposure exists and that they:
"...must give careful consideration as to whether their activities constitute regulated activities...If their activities constitute a regulated activity, firms have to comply with the relevant legislation and any failure to comply with the applicable rules would constitute a breach."
ESMA's general reminder means that even if the ICOs structure falls outside of the 'existing'4 regulatory perimeter but if the cryptocurrency qualifies as a regulated financial instrument, then regulated investment activities are likely to apply. In the EU, given the current state of financial regulatory fragmentation in relation to the categorisation and treatment of cryptocurrency, not all tokens, coins or other cryptocurrency are treated as financial instruments. It is conceivable that ESMA, as with other components of the ESFS, will need to consider how this might have to change sooner rather than later.
a) The General Investor ICO Warning
This Warning states that where a regulated activity does apply, then addressees of the General ICO Warning Statement must comply with EU legislation as well as national legislation and regulatory regimes. A very high-level summary of the cornerstones of the EU-level financial services legislative and regulatory regime follows. These cornerstones include the following:
1. Prospectus Directive Regime: in relation to the offering of financial instruments, it reminds firms that cryptocurrency could fall within the definition of transferable securities. The structure of the ICO could necessitate the publication and approval of a Prospectus by a national authority in the ESFS;
2. MiFID II/MiFIR: in relation to the marketing, trading, investing, reporting and safekeeping of financial instruments, it clarifies that depending on the structure of the cryptocurrency certain activities will constitute regulated activity and require appropriate authorisations and compliance with rules by entities and persons;
3. AIFMD/R: in in relation to certain funds, and that depending on the structure of the ICO, the actual ICO scheme could itself be categorised as an 'alternative investment fund', to the extent that it is used to raise capital from a number of investors, with a view to investing it in accordance with a defined investment policy and thus prompt full compliance with AIFMD/R's
2 See: https://www.esma.europa.eu/sites/default/files/library/esma50-157-828_ico_statement_firms.pdf
3 See: https://www.esma.europa.eu/sites/default/files/library/esma50-157829_ico_statement_investors.pdf
4 And the reference to existing is deliberate in the drafting of the ICO General Warning Statement.
prudential regulatory capital regime. It also states the need for a designated manager as well as a host of prescriptive conduct of business obligations; and
4. 4-AMLD: that sets out relevant anti-money laundering and anti-financial crime requirements. It also reminds regulated firms of their obligation to identify, mitigate and manage risks associated with money laundering and financial crime. Unlike the cornerstones above, cryptocurrency, regardless of how it is categorised by the components of the ESFS for regulatory purposes, falls within the scope of regulated firms' financial crime compliance obligations.
b) The Investor ICO Warning
The second ESMA Warning Statement, entitled "Investor ICO Warning Statement", achieves two things. Firstly, it defines what exactly constitutes an ICO, and does so in a sufficiently definitive and succinct manner5. Secondly, it highlights, irrespective of the regulatory risk exposures above, the key ICO risks that the investor may be or become exposed to. Both of these risks could adversely affect the value of the ICO and/or the cryptocurrency including down to zero or trigger further loss and damages. The ICO-specific risks for investors include:
a. ICOs and holdings offer a lack of exit options and extreme price volatility over a prolonged period of time and are reliant on redemption or exchanges of cryptocurrency for fiat currency via specific exchanges;
b. ICOs have a high risk of losing all of the invested economic capital due to a range of commercial, technological factors or governmental or regulatory led action against stakeholders including exchanges;
c. ICOs are subject to fraudulent, illicit or criminal activities including theft of the cryptocurrency and/or market manipulation of exchanges;
d. ICOs have a high degree of information asymmetry and, as ESMA summarises, may often be provided mostly in unaudited, incomplete, unbalanced and possibly misleading forms; and
e. ICOs may have embedded systemic or asset-specific flaws in technology, code or programs that are used to create, transfer, store or access the cryptocurrency.
What both ICO Warning Statements do not touch upon (as of yet) is that traditional regulatory and supervisory powers of the ESFS could start to regulate and supervise exchanges and the standards of information provided to investors. The cornerstones above are adaptable enough to be extended to include cryptocurrency. They could thus resolve those risks, in turn contributing to an environment that supervisors and investors would consider safe to engage in. In the United States, one quick fix for ICOs has been to structure these as compliant with offerings to accredited investors, i.e. sophisticated investors that meet certain quantitative and qualitative thresholds. It remains to be seen whether an equivalent in the EU might be feasible or other measures to encourage safe standards. It is
5 "An ICO is an innovative way of raising money from the public, using coins or tokens. An ICO can also be referred to as an initial token offering or token sale. In an ICO, a business or individual issues coins or tokens and puts them for sale in exchange of traditional currencies, such as the Euro, or more often virtual currencies, e.g. Bitcoin or Ether.
The features and purpose of the coins or tokens vary across ICOs. Some coins or tokens serve to access or purchase a service or product that the issuer develops using the proceeds of the ICO. Others provide voting rights or a share in the future revenues of the issuing venture. Some have no tangible value. Some coins or tokens are traded and/or may be exchanged for traditional or virtual currencies at specialised coin exchanges after issuance.
ICO campaigns are conducted online, using the Internet and social media. The coins or tokens are typically created and disseminated using distributed ledger or blockchain technology (DLT). ICOs are used to raise funds for a variety of projects, including but not limited to businesses leveraging on DLT. Virtually anyone who has access to the Internet can participate in an ICO."
conceivable that going forward, ESMA and other components of the ESFS might require that those firms that are supervised by the ESFS only offer ICOs that are compliant with EU or global regulatory standards.
So how does this fit into the wider picture and what next?
The nature of the business model of the cryptocurrency through to the ICO structure will determine whether there is, and which parts will become subject to, a regulatory risk. For a number of ICOs, the AIFMD/R requirements might likely be one of the key gateways to the ICO and market participants stepping back in to the existing EU regulatory perimeter. This could then translate and cascade into further triggering of the cornerstones described above.
The above brings with it a number of considerations for stakeholders as well as scenarios for supervisors and the potential paths of how regulatory policy could be applied at present or might be applied in the future. Even if the ICO Warning Statements reflect EU supervisory policymaking in its infancy, certain stakeholder types, due to their structure and operations may need to consider taking specific steps. This may boil down to ultimately choosing whether they will embrace the benefits of being regulated and offering an approved and supervised product, or instead forego that first mover advantage and restructure operations and methods of accessing economic capital from those within the regulatory perimeter of the ESFS.
The release of a similar warning by the German Federal Financial Supervisory Authority (BaFin) to consumers6 on 9 November 2017 raises the prospect that the ESFS may be joined up in approach to resolving the situation across a fragmented legislative and regulatory treatment of ICOs and cryptocurrencies. Across the Atlantic, the U.S. authorities have been actively issuing regulatory communications on ICOs including statements in November by SEC Commissioner Jay Clayton that ICOs have a sufficient number of hallmarks as a security and thus trigger U.S. regulatory compliance obligations.
If one takes a look back at the traditional financial services sector, the concerns of the ESFS and north Atlantic peers are not too different. Yet what is perhaps different is that the ESFS has not (yet) pushed for the same amount of investment and offering restrictions as some jurisdictions have. Conversely, those restrictions, certainly in traditional financial instruments and transactions, certainly shaped how a number of markets, assets classes and transaction types evolved. That being said, whilst the ICO Warning Statements may seem stringent for some stakeholders, the ESFS and the EU are advancing to make the EU's Single Market more digital. Embracing cryptocurrency is one of many means to do that.
If you would like to receive more analysis from our wider Eurozone Group or in relation to the topics discussed above, including what the ESMA ICO Warning Statements mean, how existing EU and national legislation as well as the supervisory expectations, principles and rules of the ESFS might treat cryptocurrency and steps for specific stakeholders, then please do get in touch with any of our Eurozone Hub key contacts below.
6 See: https://www.bafin.de/SharedDocs/Veroeffentlichungen/EN/Meldung/2017/meldung_171109_ICOs_en.ht ml
Eurozone Hub Contacts
Michael Huertas, LL.M., MBA Counsel Solicitor (England & Wales and Ireland) Registered European Lawyer Frankfurt michael.huertas@ bakermckenzie.com
Sandra Wittinghofer Partner Rechtsanwltin and Solicitor (England & Wales)
Dr. Manuel Lorenz, LL.M. Partner Rechtsanwalt and Solicitor (England & Wales)
Baker & McKenzie - Partnerschaft von Rechtsanwlten, Wirtschaftsprfern und Steuerberatern mbB
Friedrichstrasse 88/Unter den Linden 10117 Berlin Tel.: +49 30 2 20 02 81 0 Fax: +49 30 2 20 02 81 199
Neuer Zollhof 2 40221 Dusseldorf Tel.: +49 211 3 11 16 0 Fax: +49 211 3 11 16 199
Frankfurt am Main Bethmannstrasse 50-54 60311 Frankfurt / Main Tel.: +49 69 2 99 08 0 Fax: +49 69 2 99 08 108
Munich Theatinerstrasse 23 80333 Munich Tel.: +49 89 5 52 38 0 Fax: +49 89 5 52 38 199
This client newsletter is prepared for information purposes only. The information contained therein should not be relied on as legal advice and should, therefore, not be regarded as a substitute for detailed legal advice in the individual case. The advice of a qualified lawyer should always be sought in such cases. In the publishing of this Newsletter, we do not accept any liability in individual cases.
Baker & McKenzie - Partnerschaft von Rechtsanwlten, Wirtschaftsprfern und Steuerberatern mbB is a professional partnership under German law with its registered office in Frankfurt/Main, registered with the Local Court of Frankfurt/Main at PR No. 1602. It is associated with Baker & McKenzie International, a Verein organized under the laws of Switzerland. Members of Baker & McKenzie International are Baker McKenzie law firms around the world. In common with terminology used in professional service organizations, reference to a "partner" means a professional who is a partner, or equivalent, in such a law firm. Similarly, reference to an "office" means an office of any such law firm.