Ten years ago, Bitcoin was launched as a cryptocurrency fully outside of state control. There was no regulation and legal state involvement due to its nature and there was little perspective for it to be used in commercial transactions. Today, this is no longer the case, both for Bitcoin as well as the Blockchain technology behind it. As talk of Blockchains, cryptocurrencies and ‘digital assets’ has become widespread in the global business world, governments started paying close attention to how they can legally navigate crypto transactions. Countries are increasingly reviewing their regulation of cryptocurrency transactions by creating legal frameworks for creating, using, selling and buying cryptocurrencies. The UK is actively moving towards a clearer legal position on cryptocurrencies, but much work is yet to be done.
Despite the lack of clarity on cryptocurrency regulation in the UK, active steps have been taken by the UK government and the Financial Conduct Authority (FCA) to prepare for future demand for cryptocurrency investments. To protect the security of financial transactions, the Financial Services and Markets Act 2000 (Regulated Activities) Order (RAO) mandates strict regulation of financial services and markets. However, RAO applies to cryptoassets to a limited extent only. What this means for cryptocurrencies and how soon the UK government will introduce more specific regulations is a much discussed question. The answer becomes clearer each year.
The Cryptoassets Taskforce
In 2018, the Cryptoassets Taskforce was established by the UK government together with HM Treasury, the FCA and the Bank of England. The aim of the Taskforce is to promote the UK’s international reputation as a safe and transparent place to do business in financial services, both physical and digital, as well as to highlight future cryptocurrency regulations. As the UK government strives to ensure high regulatory standards in financial markets, it is willing to allow innovators and technologies to thrive. Yet consumer protection remains its key objective. To address the existing and future regulations of crypto assets and Distributed Ledger Technology (DLT), the Taskforce published its final Cryptoassets Taskforce Report as part of the government’s Fintech Sector Strategy in 2018.
The Report reviews different types of cryptoassets and the underlying technology behind them. It assesses the associated risks and potential benefits of using cryptoassets while setting out future plans on their regulation. The report also highlights that DLT will deliver significant benefits in financial services in the future, while cryptoassets will require scrutiny due to money-laundering risks associated with them. The report covers the steps which the FCA, the Bank of England and the HM Treasury take to prevent financial stability threats and encourages responsible development of legitimate cryptoasset-related activity.
Distributed Ledger Technology: permissioned vs permissionless
The Cryptoassets Taskforce addresses the ways in which DLT is regulated as the crypto-underlying technology. DLT is a type of technology that enables the sharing and updating of records in a decentralised way. The often interchangeable usage of the terms ‘DLT’ and ‘Blockchain’ can be confusing at times. Ultimately though, a Blockchain is a type of DLT. It is a way of structuring data on a DLT platform. Other types of DLT solution have been advanced by the likes of Hashgraph or IOTA’s Tangle with varying degree of success. Ultimately, any DLT is a solution to find consensus between distributed network participants. Users can securely validate, propose and record updates on a synchronised database – a ledger – that is distributed across the participants, i.e. computers participating in the DLT, also known as ‘nodes’. A DLT platform is similar to a database that stores information: it can store financial assets, tangible assets and digital assets but does so across distributed counterparties who might often not know or trust each other.
Which DLTs can be regulated? DLTs can be placed in two categories: permissioned and permissionless. Where DLT is permissionless, it operates without a central, trusted authority. This brings a lot of benefits but also causes regulatory concerns. Because anyone can become one of the multiple participants and keep identical copies of the ledger, due to the anonymity of the participants, cryptoassets in permissionless DLTs pose a higher risk. Permissioned DLT platforms, on the other hand, are restricted to a list of known and approved parties, e.g. banks. This provides a layer of security that is appealing to regulators – banks handle sensitive data and need to be aware of who they are dealing with on the platform.
In short, Banks, regulators and ‘traditional’ financial players love permissioned DLTs. On the other hand, Futurists, Cypherpunks and the tech world love the possibilities that permissionless Blockchains such as Ethereum can enable through Decentralized Finance (DeFI) and other applications.
Cryptoassets: regulated vs unregulated
Cryptoassets are one application of DLT. A cryptoasset is a cryptographically secure digital representation of value of contractual rights that uses DLT. It can be transferred, stored or traded electronically. For example, Bitcoin and Litecoin are referred to as ‘tokens’ by the FCA. They classify tokens into three categories: exchange tokens, security tokens and utility tokens. Security tokens are considered ‘specified investments’ under FSMA 2000, which means they provide rights such as ownership, repayment of a specific sum of money or entitlement to a share in future profits. Security tokens can be financial instruments under the EU’s Markets in Financial Instruments Directive II (MiFID II). These are key legislative havens that regulate security tokens, even if these are cryptoassets.
Why are only security tokens regulated? Since security tokens can be used as a capital raising tool, or for direct and indirect investment, they are associated with traditional instruments, such as shares. Security tokens are within the regulatory perimeter, meaning that firms carrying on specified activities involving security tokens need to obtain correct permissions and are following the relevant rules. This is because security tokens give their holders rights akin to those provided by specified investments. Exchange and utility tokens, on the other hand, do not yet fall within the regulatory perimeter.
What else is regulated? For example, cryptoassets as means of exchange are sometimes considered ‘e-money’ pursuant to Payment Services Regulations and Electronic Money Regulations 2018, meaning they are regulated. Next, when crypto assets are used to facilitate a regulated payment service as set out in Payment Services Regulations 2017 (PSR), they will be regulated. Also, financial instruments that reference crypto assets include contracts for difference (CFDs), alternative investment funds and options, which are regulated as per MIFID II.
Even though security tokens and the examples above fall within the regulatory perimeter, the Taskforce recognises that the novel nature of some cryptoassets may mean that regulations are not being correctly understood. The complexity and opacity of many cryptoassets means it is difficult to determine if they qualify as security tokens. Additionally, depending on whether a DLT is permissionless or not, there is still room for fraudulent activity behind cryptoasset investments. This makes the regulations harder to enforce.
The Cryptocurrency Taskforce concluded that despite the attempts to regulate cryptocurrencies, there will remain risks associated with money laundering and illicit activities. This goes hand in hand with the EU Fifth Anti-Money Laundering Directive (5MLD), which provides a global response to the use of cryptoassets for illicit activity. Yes, cryptoasset regulation may still cause questions. But the UK is starting to provide clearer responses.
Risks will exist but regulators find ways to enter the game
In sum, UK regulators are demonstrating a relatively sophisticated level of understanding of the new Blockchain and cryptocurrency world and are not rushing in to ban what they do not understand. Prudent regulation will provide more regulatory certainty in the cryptocurrency world which is a positive thing for all parties involved – the users, the governments, the cryptocurrency investors and holders. Clear regulations will open the doors for more institutional investors and provide more certainty in the industry overall. This will increase the demand for cryptocurrency-related activities, reassure the users and create business opportunities. In the long-run, legal oversight on cryptocurrencies will reduce the risks associated with them and safeguard the users from fraud without closing down the many opportunities brought about by decentralized finance and permissionless DLTs.