www.pwc.ch The current state of regulation of blockchain operations used in the financial industry in Switzerland Contacts Martin Liebi Regulatory and Compliance Services Tel. +41 58 792 28 86 firstname.lastname@example.org Guenther Dobrauz Leader Legal Regulatory & Compliance Services Tel. +41 58 792 14 97 email@example.com Virtual currencies (‘VCs’) and other technical developments supposedly set to revolutionise the financial industry and many of its processes are being hotly debated right now. Although the economic and (technical) viability of many of the latest inventions and creations commonly known as ‘fintech’ are still in doubt, one technology stands out, and according to many pundits has the potential to alter materially how banks and other financial industry participants will settle payments and securities transactions in the future. This is blockchain technology. This newsletter will highlight the main regulatory aspects and open questions regarding the regulation of blockchain technology in Switzerland. What is blockchain technology and how does it differ from the current systems? Modern payment and securities systems are generally centralised. Either the central bank or a central counterparty or securities depository clears and settles payments and securities by moving the financial instrument from one account to the other. The transfer is subsequently reflected in the internal ledgers of the individual members/ account holders. The central bank/central counterparty/central securities depository validates transactions in its central ledger accurately and timely to safeguard against double-spending or counterfeiting. The stability of the systems is based on the trust vested in this central party and its ability to safeguard the central ledger. Central Bank Settlement accounts of banks at a central bank Bank A Bank B Client A1 Client A2 Client B1 Client B2 Figure 1: A centralized payment system Blockchain technology replaces this centralised system with a decentralised system, the so-called distributed ledger system. Large numbers of copies of the central ledger are maintained across the financial system network by many different private entities. There are different degrees of decentralisation, meaning that there can still be a centralised ledger as a back-up ledger for the performance of certain key tasks. These decentralised ledgers are constantly updated and amended on the basis of sophisticated computing technology and cryptography. This ensures that there is no counterfeiting of the decentralised ledger. Trust in the accuracy of the leger is based on a consensus of the exact content of the ledger across the network of member entities regarding the validity of the ledger. In other words, falsification of data in just one ledger is not possible, because it would be detected immediately due to the mismatch with the other decentralised ledgers. Ledger Ledger Ledger Ledger Ledger Ledger Ledger Ledger Ledger A B Ledger Figure 2: An illustrative example of distributed ledger system similar to Bitcoin (Blockchain) How is blockchain technology regulated under the current Swiss regulatory framework? The view of the Swiss government The Swiss authorities have so far only addressed one specific application of blockchain technology: its use in the form of the very prominent VC Bitcoin. The Swiss Federal Council published a report on VCs such as Bitcoin in 2014, but it refrained from proposing specific regulation at the time because of the marginal economic importance of Bitcoin. FINMA supports the introduction of new methods and is applying the existing regulatory framework to the recently introduced VCs to the extent applicable. Blockchain technology by itself and its many applications in the financial industry have so far neither been specifically addressed nor regulated by the authorities. A. Does my blockchain operation require an authorisation under the Swiss Financial Market Infrastructure Act? Blockchain operations in the financial industry requiring an authorisation under the Swiss Financial Market Infrastructure Act (FinfraG) might be either a central securities depository (Art. 61 et seq. FinfraG) or a payment system (Art. 81 FinfraG). The main characteristics of these are set forth below. 1. Central custodian of securities or other financial instruments or securities settlement system A Swiss domiciled operator of blockchain operations could either be a central custodian, which is an entity for the central custody of securities and other financial instruments based on uniform rules and procedures (Art. 8 para. 2 FinfraG), or a securities settlement system, which is an entity for the clearing and settlement of transactions in securities and other financial instruments based on uniform rules and procedures (Art. 8 para. 3 FinfraG). Blockchain applications in the financial industry outside of VC typically deal primarily with financial instruments, meaning instruments used for financing or investment purposes, but not other assets such as land titles. A key differentiator determining whether a blockchain operation needs an authorisation as a custodian of securities or not is the provision of a ‘centralised’ operation rather than a ‘decentralised’ one. Owing to the many different forms of blockchain operations, this differentiation can only be made on a case by case basis, and depends heavily on the extent of decentralisation of the blockchain operation. It is likely to be negated in most cases due to the decentralised nature of many blockchain operations. Many blockchain operations in the financial industry will, however, fulfil the requirements of a securities settlement system that does not require the provision of a ‘centralized’ operation, because such activities are deemed to be either a clearing activity (Art. 2 para. 1 lit. g FinfraG) or a settlement activity (Art. 2 para. 1 lit. h FinfraG). 2. Payment system A payment system is an entity that clears and settles payment obligations based on uniform rules and procedures (Art. 81 FinfraG). A payment system differs from a securities settlement system in that it clears and settles money rather than securities and/or financial instruments. The lines between these two definitions are somewhat blurred, and can only be defined exactly on a case by case by basis. 3. Operators of blockchains requiring an authorisation must be a legal entity under Swiss law and have a registered office and head office in Switzerland To meet the requirements of a central securities depository or a payment system (Art. 8 para. 1 FinfraG), the operator must be a legal entity under Swiss law and have its registered office and head office in Switzerland. If any one of these two requirements is not met, an operator of a blockchain operation does not fall within the scope of FinfraG. Foreign domiciled operators of central securities depositories and payment systems providing services to Swiss domiciled financial market participants must not file for recognition with FINMA as it is the case with other financial market infrastructures such as CCPs, MTFs, stock exchanges, and the like. This means, in other words, that only Swiss domiciled companies with a Swiss registered office and head office potentially require a licence as a financial market infrastructure. 4. Characteristics and requirements of an authorisation by FINMA as a financial market infrastructure A central custodian or a securities settlement system fulfilling the requirements of a Swiss Financial Market Infrastructure must in any case get an authorisation from the Swiss Financial Market Supervisory Authority (Art. 4 para. 1 FinfraG). A payment system requires authorisation from FINMA only if this is necessary for the proper functioning of the financial market or the protection of financial market participants, and if the payment system is not operated by a bank (Art. 4 para. 2). Whether a particular payment system endangers the proper functioning of financial markets or the protection of financial market participants will very often only become clear after conversations with FINMA. Systemically important central securities depositories and payments system will even require a permit from the Swiss National Bank and are subject to more extensive requirements (Art. 6 and 22 et seq. FinfraG). Central securities depositories and payment systems requiring an authorisation are all subject to the same general obligations such as organisational requirements (Art. 8 FinfraG), guarantees of irreproachable business conduct (Art. 9 FinfraG), information obligations in case of change of facts (Art. 7 FinfraG), consent requirements for ancillary activities and the outsourcing of activities (Art. 10 et seq. FinfraG), minimum capital requirements (Art. 12 FinfraG), business continuity management requirements (Art. 13 FinfraG), IT systems (Art. 14 FinfraG), and documentation and retention requirements (Art. 19 FinfraG) − and more besides. Central securities depositories are also subject to particular provisions regarding the principles for the custody, recording and transfer of securities (Art. 62 FinfraG), settlement deadlines (Art. 63 FinfraG), financial guarantees (Art. 64 FinfraG), fulfilment of payment options (Art. 65 FinfraG), capital and risk diversification (Art. 66 FinfraG), liquidity (Art. 67 FinfraG), events of default (Art. 68 FinfraG), and segregation (Art. 69 FinfraG). Specific duties might be defined by the Federal Council for payment systems, namely in terms of capital, risk diversification and liquidity, if it is necessary according to international standards. B. Does my blockchain operation require an authorisation as a bank? A blockchain operation, especially in the case of a VC, might be deemed only to be conducted by a ‘bank’ under the terms of the Swiss Banking Act and will thus require an authorisation as a bank from FINMA if it accepts deposits from the public on a professional basis. Operating on a professional basis means accepting at least 20 deposits from the public on a permanent basis as well as engaging in any related marketing activity, in particular in ads, prospectuses or electronic media. The Banking Ordinance sets forth multiple exceptions that are not public deposits, such as: • when deposits are only made in exchange for property or services (such as when VCs are used for that purpose) • in case of payment systems and means solely for the reception of goods or services if the balance of each client does not exceed CHF 3,000 and no interest is paid • deposits on settlement accounts without any interest payments and subject to short settlement deadlines • deposits of Swiss and foreign banks or other supervised enterprises, as well as guarantees of the repayment of deposits made by members of the public by a supervised bank. The simultaneous exchange of VCs against foreign exchange is not deemed to constitute a deposit made by the public. A non-simultaneous exchange might − depending upon the specific case − be deemed to constitute a deposit made by the public. C. Is my blockchain operation subject to anti-money laundering regulations and obligations? Blockchains operated in Switzerland or out of Switzerland qualify as a ‘financial intermediary’ and are generally subject to Swiss AML obligations if they professionally accept or keep as a custodian foreign assets or help to invest or transfer them (Art. 2 para. 3 Swiss Anti-Money Laundering Act (AMLA)). Most blockchain operations deployed in the financial industry and dealing with financial instruments will thus be subject to Swiss AML obligations. A financial intermediary has two main obligations: due diligence duties designed to prevent money laundering, and duties designed to prevent the financing of terrorism. In particular, these duties include the duty to identify the contractual party and the beneficial owner, a documentation duty regarding executed transactions, the implementation of organisational measures for the prevention of money laundering and financing of terrorism, and the duty to educate coworkers and audit firms. The financial intermediary also has the obligation to report any reasonable suspicion if he thinks that the assets arising out of the business relationship are of criminal origin. VCs are also covered by the concept of money and value transfers, meaning primarily that financial intermediaries have to identify the recipient of a payment as well as the beneficial owner of assets to be transferred from Switzerland (Art. 52 FINMA-AMLO). Precisely which entity in a decentralised blockchain operation will have to fulfil this obligation must be determined in each individual case. D. What are the criminal laws applicable to blockchain operations? Blockchain operations are also subject to criminal laws, in particular provisions governing acts aimed at frustrating the identification of the origin, the tracing or the forfeiture of assets which are known to be, or which must be assumed to be, of criminal origin (Art. 305bis Swiss Criminal Code (SCC)). Financial instruments routed through blockchain operations are, however, also protected against criminal behaviour against assets in the form of fraud (Art. 146 SCC) or embezzlement (Art. 138 SCC). Data with which blockchain operations are dealing are protected by many different criminal provisions, such as those governing illicit data gathering (Art. 143 SCC), data corruption (Art. 144bis SCC) and fraudulent misuse of data systems (Art. 147 SCC).