European ICO regulations, part two.

in #ico7 years ago

Hello World;

In this blog post I discuss the current ICO regulation in various European countries.

The popularity of ICO's as a fundraising mechanism for cryptocurrency and fintech startups has grown exponentially in recent years.

In this respect, government agencies have responded with an increasing urge to develop constructive regulation for the sector to ensure growth and safeguards for the marketplace.

I focus exclusively on the continental European market. I've intentionally left the UK out, due to possible ramifications resulting from Brexit. However, I've tried to cover the most important markets for hosting an ICO as comprehensively as I can.

All data is based on current regulation in the end of the first quarter of 2018.

Countries covered in Part 2:

  1. Netherlands

  2. Switzerland

  3. Liechtenstein

  4. Gibraltar

  5. Cyprus

  6. Malta

The list is incomplete, as it doesn't include notable cryptocurrecy-friendly jurisdictions, such as Czechia, Slovenia, Croatia, Greece, Ireland, Luxemburg or Latvia. Perhaps, I'll discuss these jurisdictions in a third part of this blog post.

-Netherlands

“A clear ICO regulatory structure could do for the Netherlands what venture capital did for Silicon Valley.”

The Dutch chamber of commerce is collecting stakeholders for creating regulation for ICO's within the country. The overall attitude is very positive, and ICO's are seen as a successor to the legacy stock market infrastructure.

The Dutch model to fuel the industry:

-Corporates and governments are excellent clients and co-creation partners for startups
-The best (international) entrepreneurs & teams collaborate in the Netherlands and co-create the best solutions
-Regulatory clarity, guidance and enforcement
-Enable new influx of capital, spent in the Netherlands
-Build from the Netherlands, for the Internet, for the world to use

Dutch regulations aim to divide types of ICO tokens according to the following classification:

-Securities; Participation in the value increase (profit) generated from the operation of an entity. Similar to stocks or bonds.
-Commodity tokens; A store of value or a representation of a real world asset such as fiat currency or a commodity like gold. Similar to commodities or currency.
-Utility/Licenses; A token that enables owners to do something that non-owners can’t such as receive a discount or use a system. Similar to a software license of a membership fee.
-Worker/Points; A token for the payment of goods or services that is consumed when used such as a voucher or airline points. Similar to a pre-paid card for a store.

The logic:

“There are an infinite variety of tokens that can be created on the blockchain. However, all of the tokens that have been used to raise more than a million dollars fall into one or more of the four categories below. The best performing financially have not been tokens that act like securities but commodity tokens used to transfer value. In fact, the top 14 cryptocurrencies which represent 89% of the market cap are all commodity tokens.”

Regulatory Framework by Token Type

A regulatory framework needs to exist that takes a suitable approach for each token type. When tokens represent multiple types all requirements for the corresponding types could be merged to create the list of requirements.

Most of the regulations that support a “responsible ICO” are already in place. The aim here is to explore, with all stakeholders, what needs to be changed, so that responsible ICOs can actually happen here in The Netherlands. The following input mostly consists of suggestions and open thoughts.

Security tokens:

The main principle is that anyone should be able to invest a certain amount their
accumulated wealth/ capital in projects they believe have a sound future, given any risk
profile. The key is that trust can be build in the network by peers, cumulative (tier 1,2,3
etc).

Existing security framework could apply with minor modifications, for example:

  1. Technically Sophisticated Investors,
  2. Proportional Income Investing
  3. New due diligence requirements.

Commodity tokens:

Tokens that represent a real world commodity should have proper custodial licensing
for any commodities held on behalf of users. Tokens that represent digital commodities
(e.g. a token economically pegged to the value of a commodity but not directly
redeemable for the commodity) should require a combination of security audits of the
smart contracts and crypto-economic audits of the incentive and value structure by
industry recognized auditors.

Utility/License tokens:

Utility and license tokens have an intrinsic value for the user. They operate much like a
software license or a membership agreement.

There should be some relationship between the token sales and the total value to
users. For example, tokens sales might be limited to the intrinsic value of the tokens as
measured by V * 5 * G (where V = the annual intrinsic value of all tokens actively used
in the system and G = the Growth Factor). This would encourage projects to have
multiple releases of tokens in a slow drip as they prove/increase the value of their
tokens and their growth rate.

New projects that don’t yet have valid numbers for V or R could be allowed to raise
money based on projections with X% of funds raised stored in escrow until values for V and R can be demonstrated to be in line with projections or a release is approved by avote of 51% of project contributors.

Worker/Point tokens:

If the worker token is directly exchangeable for fiat currency, existing money
transmission rules should apply. If the token is not exchangeable for fiat currency by the
project directly but only goods or services no special rules should apply.

Sale of Worker tokens in advance of their use should be restricted. For example, to the
projected 5 year maximum needed supply U * 5 * G (where U = the annual usage and
G = the growth factor). New projects that don’t have actual numbers could be required
to post projections with a setup of milestones based on monthly use of worker tokens in
the system (e.g. 100K tokens/mo, 200K tokens/mo, etc.). x% of funds raised could be
placed in escrow. Every time the project achieve a milestone the percentage that
milestone represents of the total number of milestones could be released.

A release could also be allowed if approved by a vote of 51% of project contributors.

Security tokens additional requirements

Technically Sophisticated Investor
Technically sophisticated investors are investors that have work in the field of the investment or have a
degree in the area of the investment. Security Token investors should provide evidence of competency
in the field of the investment if they don’t meet sophisticated investment rules.

Proportional Income Investment
Proportional income investments are investments that are minor in light of the income of the investor.
Anyone should be allowed to invest up to X% of his or her income or X% of his or her total amount of
capital in ICO within the Dutch process. Any adult should be allowed to invest at least 100 euros.

Due Diligence
Projects seeking to accept investments from unsophisticated investors could be required to have at
least X% of their initial raise from professional investment firms who perform due diligence on the
project. In order to qualify, initial investments must proceed at a price that is close to ICO price (e.g. no
less than 40% of VWAP (volume-weighted average price) in the first 6 months of crowdfounding and no less than 70% of the initial price at outset) and must impose sufficient transfer restrictions on early
investors (e.g. no less than 6-12 months longer than ICO participants).

Disclosures
All token projects should be required to disclose tokens and other payment structures for all project
contributors and advisors. Due diligence providers, advisors and key employees should have a token vesting plan that transfers control of tokens over at least a 3 year period. Spending of ICO funds must be sufficiently restricted to that defined in the original ICO documents (a.k.a. “Project whitepaper”) and any material changes to ICO fund spending must undergo public review and approval by token holders. All projects should be required to have a public comment form where questions can be asked and answers provided.

The price paid or value of services received for any token sale in the project's history should be fully disclosed.

Preventing Manipulation of Tokens (Speculation)
To prevent manipulation of the tokens price by pump and dump strategies, projects should be required to use at least 10% of their total tokens for treasury activities that reduce speculation. Funds raised from these tokens should be maintained in a separate treasury used only for this purpose. If the project feels the price of its tokens is too high it should be allowed to sell tokens and if tokens are being dumped it should be allowed to buy its tokens with its treasury funds. Projects should be allowed to contract with an outside entity to perform this service.

Exemptions
Any project should be allowed to go file for an exemption to the normal requirements. For example, a utility token project that wants to raise more than the network Value * 5 * Growth Factor should be able to ask for an exemption. Exemptions would be granted on the merits of the argument. Projects would be required to propose alternative requirements along with the reasons for the exemption request.

The proposal includes a mandatory three-year growth plan to be filed to the regulator.

KYC / AML Compliance
All projects should be KYC / AML compliant

Input for this document:
Invited to co-write, read and provide feedback Ministry of Finance, Ministry of Economic Affairs, Ministry of Economic Affairs, Dutch Blockchain Coalition, AFM, DNB, Mattereum, Coinfund.io, Deloitte, RUG, UVA, StartupDelta.

Conclusion:

The Dutch government is ambitious and open to ideas concerning ICO's and developing the cryptocurrency services ecosystem within the country. Industry players can play a pivotal role in formation of the Dutch strategy.

All of the abovementioned suggestions are in the second quarter of 2018 indicative. The Dutch ministry of finance expects ICO organizers to be proactive and connect with government agencies in finding proper ways to develop the regulations.

-Switzerland

Switzerland is by far the most popular location within Europe to organize an ICO by early 2018, mostly due to favourable tax environment, lack of restrictive regulation and banking protections.

In the second quarter of 2018, Swiss financial regulator FINMA has issued the following statements regarding ICO's organized in Switzerland:

FINMA will 'push for removal of unnecessary regulatory obstacles for innovative business models'.

-Principle-based, technology-neutral and competition-neutral regulation and supervision
-Transparency and legal clarity
-Zero-tolerance to criminal behaviour

FINMA is expected to announce regulations for ICO's within 2018.

The Swiss federal government is expected to launch a working group for Blockchain and ICO's, in which the FINMA will participate.

Generally speaking, the regulations will concern the following types of token definitions:

-Utility tokens, where the token is used to purchase a product or a service at the point of issue, or
-Payment tokens, where the tokens have attributes to a cryptocurrency, including crowdfunding and crowdsales, or
-Digital property, where the token is treated as a financial asset. Securities and debt tokens will also fall under this category.

The function of the token and it's classification can change over time.

Token definition categories are not mutually exclusive. In these cases, requirements are cumulative, which means that requirements in all included categories are required to be met.

Securities tokens are always subject to securities law, as follows:

Securities “Effekten” are defined as: standardized certificated, “Wertpapiere” and uncertificated securities “Wertrechte”, derivatives and intermediated securities “Bucheffekten”, which are suitable for mass trading.

Securities suitable for mass trading encompass certificated and uncertificated securities, derivatives, and intermediated securities which are publicly offered for sale in the same structure and denomination or are placed with more than 20 clients, insofar as they have not been created especially for individual counterparties.

Uncertificated securities are rights which, based on a common legal basis (articles of association/issuance conditions), are issued or established in large numbers and are generically identical. Any fungible claim or membership right (vertretbares Forderungs oder- Mitgliedschaftsrecht) can be the basis of uncertificated securities (Wertrechte). This includes but not limited to, tokenized debt or equity instruments such as shares or debentures.

The only formal requirement to create uncertified securities is to keep a ledger in which details of the number and denomination of the uncertified securities issued and of the creditors are recorded. (Wertrechtebuch, Art. 973c. Para. 3 [OR]). There are no requirements as to the form of the uncertified securities ledger. It can be kept on a blockchain.

The issuance (distribution) of tokens is not a prerequisite for the creation of uncertified securities. In the case of pre-financing and pre-sale phases of an ICO which confer claims to acquire tokens in the future, these claims will also be treated as securities if they are standardized and suitable for mass standardized trading.

There are various legal opinions as to whether tokens which give rise to no claims on the issuer (in particular payment tokens) constitute securities.

Given that payment tokens are designed to act as means of payment (ie. For the purpose of acquiring goods or services or as means of money or value-transfer) and are not analogous in their function to traditional securities, FINMA will not treat payment tokens as securities.

If payment tokens were to be classified as securities through new case law or legislation, FINMA would accordingly revise its practice.

Utility tokens are intended to provide access digitally to an application or service by means of a blockchain-based infrastructure.

In order to qualify as a utility token according to the FINMA guidance, the following requirements must be met:

-The sole purpose of the token is to confer digital access rights to an application or service, (ie. No investment function) and,
-A token can actually be used in this way at the point of issue.

In such cases, where the connection with capital markets, which is a typical feature of securities, is missing, FINMA will not classify tokens as securities.

Implications for ICO organizers:

-Self-issuance of securities is regulated under FMIA [FinfraG] or SESTA [BEHG]. The same applies to public offering of securities to third parties without intermediaries.
-However the creation and issuance of derivative products as defined by FMIA to the public on the primary market is regulated (Art. 3 para. 3 SESTO [BEHV]).
-The issuing of equities or bonds can result in prospectus requirements under the Swiss Code of Obligations, which are currently not subject to supervisory law.

According to the draft Financial Services Act (FinSA), prospectus requirements will become part of supervisory law (Art. 37 Draft FinSA). The Swiss Code of Obligations and FinSA provide for a number of different exceptions and exemptions.

Implications for intermediaries:

-Underwriting and offering tokens constituting securities of third parties (e.g. an ICO organizer) publicly on the primary market, if conducted in a professional capacity, is a licensed activity (Art. 3 para. 2 SESTO [BHEV]).

-Client dealers, i.e. securities dealers who, in a professional capacity, trade in securities in their own name for the account of clients and maintain accounts for these clients themselves or with third parties in their own name (Art. 3 para. 5 SESTO [BHEV]), are also subject to FINMA licensing requirements.

-Specific licensing requirements may apply for trading venues (stock exchanges or multilateral trading venues, Art. 26 seqq. FMIA [FinfraG]) and organized trading facilities (Art. 42 seqq. FMIA [FinfraG]).

Classification as deposits:

-The primary purpose of the banking act is to protect the public, particularly bank creditors and their deposits.

-The issuing of tokens is not generally associated with claims for repayment on the ICO organizer.

-To this extent, there is no requirement to obtain a banking license.

-Liabilities with debt capital characteristics (e.g. promises to return capital with guaranteed rate of return) are treated as deposits.

-Possible exceptions under banking act:

-Consideration from a contract for the transfer of ownership or for the rendering of a service or a transfer as a security (Art. 5 para. 3 let. a BO).

-Bonds or other debt instruments which are standardized and issued en masse and other uncertified rights with a similar function (uncertified securities) (Art. 5 para. 3 et. a BO).

Applicability of the Collective Investment Schemes Act:

-The purpose of the Collective Investment Schemes Act is to protect investors and ensure proper functioning of the market for investment fund products.

-The provisions of the Collective Investment Schemes Act are relevant only if the funds accepted in the context of an ICO are managed by third parties.

Applicability of the Anti Money-laundering Act:

-The objective of the Anti Money-laundering Act is to protect the financial system from money-laundering and financing of terrorism.

-Anyone who provides payment services or who issues or manages a means of payment is a financial intermediary subject to the Anti Money-laundering Act (Art. 2 para. 3 let. b AMLA).

-Definition as a means of payment:

-Transfer of assets by a third party in the context of a payment system

-Regardless of whether the payment system can only be accessed by a limited number of users

-Not subject to Anti Money-laundering Act: Two-party relationships (issuer of means of payment = user of payment system).

Payment tokens are defined as cryptocurrencies.

Issuing of utility tokens (and hybrids with utility element):

-In the case of utility tokens, Anti Money-laundering regulation is not applicable as long as the main reason for issuing the tokens is to provide access to a non-financial application of blockchain technology.

-In other words, if the payment function of the utility tokens is an 'accessory service' (Art. 2 para. 2. let. a no. 3 AMLO) the issuing of such tokens does not constitute the issuing of a means of payment.

-Classification as an 'accessory service' (cumulative):

-Service which is integrated into a contractual relationship unrelated to the financial sector

-Contracting party which provides the primary service also provides the accessory service

-The accessory service is of subordinate importance to the primary service

-Provision of the primary service is not necessarily possible without the token

Compliance with Anti Money-laundering regulation:

Due diligence reporting involve among others:

-Not accepting assets originating from criminal activities

-Establishing the identity of the client and the beneficial owner(s) of the assets (q.v. Video and online identification circular)

-Clarifying the economic background of suspicious business relationships

-Clarifying and recording relationships and transactions of increased risk

-Complying with organizational measures

-Filing a report with the Money-laundering reporting office Switzerland (MROS) where suspicions of money-laundering arise.

Affiliate to a self-regulatory organization:

-Individuals and companies in the para-banking sector who accept or hold assets on a professional basis or assist in the investment or transfer of such assets must affiliate to a self-regulatory organization or to be subject directly to FINMA.

-These requirements can be fulfilled by having the funds accepted via a finacial intermediary who is already subject to AMLA in Switzerland and who meets the due diligence requirements on behalf of the organizer.

-The ICO organizer does not have to be affiliated to a self-regulatory organization or licensed directly by FINMA.

Exchange of cryptocurrencies:

-Purchase and sales of cryptocurrencies on a commercial basis is defined as (cryptocurrency to fiat money / fiat money to cryptocurrency / cryptocurrency to cryptocurrency)

-Offering of services to transfer tokens if the service provider manages the private key (custody wallet provider)

If these conditions are met, Anti Money-laundering regulation is applicable.

FINMA strongly recommends ICO organizers to approach the agency prior to token distribution to ensure compliance.

-Liechtenstein

Liechtenstein government is very open and favourable to ICO's organized within the country.

Legal framework and licensing requirement:

Depending on their specification, tokens may constitute financial instruments subject to financial market law.

This may include tokens that have characteristics of equity securities or other investments.

In principle, activities relating to financial instruments are subject to licensing by the FMA on the basis of special legislation and may require publication of a prospectus.
In all cases, the specific design and de facto function of the tokens are decisive.
Any AML/KYC obligations also depend on the specific design.
Connecting factors for FMA jurisdiction exist, for instance, if a company's registered office or branch is in Liechtenstein and/or if relevant activities are pursued on the Liechtenstein market.

Questions relating to company and tax law may also arise in connection with an ICO and the issued tokens. Please consult the Office of Economic Affairs and the Fiscal Authority in this regard.

Additional information

In all cases, it is recommended that ICOs be clarified with the FMA in advance, given that violations of financial market regulations entail penalties.

In light of the possible legal implications, the FMA also recommends obtaining competent legal advice.

So that the FMA is able toreview a case, the following documents and information should
ideally be provided:

-the white paper, especially including detailed information on the procedure and sequence of the ICO as well as the functioning of the tokens to be issued;
-a concrete business plan covering in particular the company and its strategy and business activities as well as the project and financing

The FMA is happy to answer any questions you may have at [email protected]

Conclusion:

Liechtenstein government is welcoming to ICO projects, and reviews every project on a case-by-case basis. No special restrictions apply to securities tokens, but reporting requirements and compliance with the local securities law is expected in the case of issuing securities tokens. The government is open to discussion about innovative business models.

All ICO projects in Liechtenstein are assumed to hold a local general business license.

-Gibraltar

Gibraltar government is generally open to ICO's organized in the country.

There are proposed regulation, being developed by the government as a response to a perceived regulatory vacuum. The general attitude is positive, towards ICO's and digital assets as a new asset class.

Until regulation is completely formulated, the Gibraltar government proposes a framework where a local sponsor works together with the ICO organizer to ensure compliance with existing regulations.

Below, I recite the proposal for the Gibraltar's government regarding ICO regulation. One must notice that the document isn't current legislation. It is a government proposal for legislation.

Defining the problem
Lack of regulation
Unless structured as a security (e.g. with an equity interest or right to distributions of, say, profits or in the event of winding up) or as a debt instrument, tokens do not constitute any form of regulated financial instrument, either in Gibraltar or, generally, elsewhere in the EU. Consequently, they (and their sale) are unregulated.
Tokens have proved popular as a means of participating in early-stage ventures and projects. There are risks to the general public and to inexperienced investors, in particular, in subscribing for unregulated crowd financing instruments. Such risks are heightened where underlying products and services have yet to be built, tested and deployed, or market demand established.

Definition of security
Most often, tokens do not qualify as securities under Gibraltar or EU legislation. In many cases, they represent the advance sale of products that entitle holders to access future networks or consume future services. They are akin to mobile phone companies pre-selling airtime in networks they plan to build using the proceeds of those airtime sales. As such, these tokens represent commercial products (albeit reliant on future availability and utility) and are not caught by existing securities regulation in Gibraltar.
Tokens are sometimes created with the characteristics of a virtual currency, serving principally as a medium of exchange within an ecosystem (or marketplace) of consumers and service providers. In some cases (e.g. where a centralised virtual currency is involved), the organiser of the DLT system may fall within scope of the DLT Regulations2 but the token sale, secondary market conduct and investment services relating to tokens remain unregulated.
The driver for purchasing tokens in an ICO is typically the expectation of making a return by selling them at a profit once the project is successfully completed and its products or services become popular and in demand. This is similar to early acquisition and holding of commodities with a view to trading them later at a higher price.

Tokens: distinct from underlying object
Tokens are digital representations of something else, whether tangible or intangible. As such, they are distinct from any underlying object. Much like derivatives, trading tokens is not necessarily the same activity as trading its underlying asset (where one exists). So, for example, sale of a token representing a physical asset is not the same as selling that physical asset.

Proposed regulatory response
New legislation is proposed to regulate the following activities conducted in or from Gibraltar:
 the promotion, sale and distribution of tokens;
 operating secondary market platforms trading in tokens; and
 providing investment and ancillary services relating to tokens.

Existing distributed ledger technology providers' regulations can be found through this document:

http://gibraltarlaws.gov.gi/articles/2017s204.pdf

Goals
Desired outcomes are to protect customers, to protect Gibraltar’s reputation, and to support the safe use of token-based crowd financing.
Protect consumers
Token-based crowd financing exposes the public to both unscrupulous and naïve entrepreneurs. Similarly, there are market conduct risks to users of secondary market platforms used for trading tokens. Those being offered investment and ancillary services relating to tokens also run the risk of poor professional or conduct standards.
It is therefore desirable to establish a regulatory regime that mitigates such risks and provides appropriate and adequate safeguards by:
 requiring full and accurate disclosure of information;
 imposing rules for the orderly and proper conduct of secondary market platforms; and
 requiring competent professional investment services.

Protect Gibraltar’s reputation
Gibraltar is committed to being a safe and sound place in which to do business. It is therefore desirable to provide regulatory certainty and establish a regulatory regime that mitigates the risk of fraud and financial crime, and protects Gibraltar’s reputation and integrity.
Support the safe use of tokens as a means of crowd financing
Well-funded businesses help Gibraltar's economic development. Raising finance is vital to every business, especially to startups and small and medium-sized enterprises. Crowd financing is a perfectly legitimate method of raising finance as is seeking public subscription for new ventures. It is therefore desirable to establish a regulatory regime that helps firms in Gibraltar to develop new products and services and maintain competitiveness whilst, at the same time, protecting consumers and Gibraltar’s reputation.

Proposals
Outline and scope
It is proposed that new legislation will regulate the following activities conducted in or from Gibraltar:
 the promotion, sale and distribution of tokens;
 the operation of secondary market platforms trading in tokens; and
 the provision of investment and ancillary services relating to tokens.

It is proposed that GFSC will regulate:
 authorised sponsors of public token offerings;
 secondary token market operators; and
 token investment and ancillary service providers.

It will not regulate:
 technology;
 tokens, smart contracts or their functioning;
 individual public token offerings; or
 persons involved in the promotion, sale and distribution of tokens.

It is also proposed to make undertakings that receive proceeds from the sale of tokens subject to anti-money laundering (AML) and countering financing of terrorism (CFT) legislation, and to designate GFSC as their relevant supervisory authority for AML/CFT purposes.
The provisions of the Financial Services (Distributed Ledger Technology Providers) Regulations 2017 (DLT Regulations) will, where applicable, still apply to firms caught by the new token regulations.

Promotion, sale and distribution of tokens to the public

Public offering of tokens

The public offering of tokens that constitute securities are already adequately caught by existing securities legislation and do not require further regulation.

The public offering of tokens that are not securities and that do not constitute outright gifts or donations are, typically, offers of commercial products and services (which, at the time of sale, may or may not yet exist). Such tokens are sometimes referred to as utility or access tokens and the like. In circumstances where a token constitutes a product or service that does not yet exist (or is not, at the time of sale, substantially functional), it represents, in effect, no more than a hope or ambition to deliver that product or service in the future. In such cases, purchasers risk that the product or service might never be delivered and often waive any right to the return of the price paid. Purchasers may well be prepared to take that risk but it is appropriate that they be presented, in advance, with all relevant information to enable them to make an informed decision.

The first limb of the proposed token regulations is intended to regulate primary market promotion, sale and distribution of tokens, that are neither securities nor outright gifts or donation, conducted in or from Gibraltar. Tokens that function solely as decentralised virtual currency3 (e.g. Bitcoin) or as central bank-issued digital currency will be excluded from this limb of the regulations. However, it is possible for tokens to have an underlying economic function that is both virtual currency and something else. Such hybrid tokens will be caught by this limb of the regulations.

In or from Gibraltar
The first limb of the regulations will apply to activities carried out in or from Gibraltar and are intended to include activities:
 which purport to be or imply that they are made from Gibraltar;
 are intended to come to the attention of or be accessed by any person in Gibraltar;
 are conducted by overseas subsidiaries of Gibraltar-registered legal persons (in such cases, the Gibraltar person will be liable); or
 are conducted by overseas agents and proxies acting on behalf of Gibraltar-registered legal persons, or on behalf of natural persons ordinarily resident in Gibraltar (in such cases, the Gibraltar person will be liable).

Disclosure rules
The proposed regulations on the promotion, sale and distribution of tokens will require adequate, accurate and balanced disclosure of information to enable anyone considering purchasing tokens in the primary market to make an informed decision. The regulations may prescribe what, as a minimum, constitutes adequate disclosure, and in what form disclosures are made (e.g. in a key facts document not exceeding 2 pages). From time to time, guidance on disclosure rules may be published by GFSC.
Financial crime provisions
Undertakings that receive, whether on their own account or on behalf of another person, proceeds in any form from the sale of tokens will be brought into scope of the Proceeds of Crimes Act 2015 (POCA) and will need to comply with its AML and CFT provisions. GFSC will be their AML/CFT supervisor. These changes will be implemented by a separate Regulation and notification under POCA.

Authorised sponsors
The proposed regulations will establish a regime for the authorisation and supervision of token sale sponsors (authorised sponsors) possessing appropriate relevant knowledge and experience who will be responsible for compliance with this limb of the regulations. An authorised sponsor will need to be appointed in respect of every public token offering promoted, sold or distributed in or from Gibraltar.
Authorised sponsors may be appointed by the Gibraltar promoter or by organisers of the offering, wherever located. Authorised sponsors will be required to have mind and management in Gibraltar.
Authorised sponsors may provide additional services to sponsorship clients, over and above those of assuring compliance with this limb of the regulations (e.g. acting as custodian of the proceeds of the token sale and/or supervising their release according to sale conditions).
Authorised sponsors may delegate or outsource some of their work to others, including to persons located overseas, but will remain directly accountable to GFSC for the actions of their delegates.
Codes of practice
Authorised sponsors will be required to have in place one or more codes of practice relating to offerings they sponsor. This is seen as a crucial step in establishing best practice for token sales conducted in or from Gibraltar. Authorised sponsors are considered to be in the best position to determine best practice for the offerings they sponsor and will be free to apply different codes to different categories of tokens and offerings. Codes of practice may set out such matters as the method for applying and distributing sale proceeds.
A code of practice must be incorporated into the authorised sponsor’s agreement with each of their sponsorship clients. The submission of codes of practice will form part of an authorised sponsor’s licence application, and amendments thereof must be reported, in advance, to GFSC and will be treated in the same way as any other major business change.
It is intended that the regulations should specify principles governing the content of codes of practice. Authorised sponsors will be free, subject to approval, to set their own methodologies for implementing the principles.

Registers of authorised sponsors, codes of practice, sponsors’ clients and tokens
GFSC will establish and maintain a public register of authorised sponsors and their respective past and present codes of practice.
Authorised sponsors will register details with GFSC of public offerings for which they are engaged and, in respect of each of them, details of:
 the client(s) for whom they act;
 the token(s) included in the offering;
 the code of practice applicable to the offering; and
 any interest they, and connected persons, have in the tokens offered.

GFSC will add the offering details to the public register within 5 business days of receipt from an authorised sponsor. The regulations may set out grounds upon which GFSC may refuse to add, or may remove, offering details on the register. The promotion, sale and distribution of a public token offering may only be conducted in or from Gibraltar once, and while, the offering appears on the register.
New controlled activity and offence
The proposed legislation will add:
 the controlled activity of being an authorised sponsor; and
 an offence of promoting, selling or distributing tokens without complying with:

  1. the requirement for an authorised sponsor;
  2. the requirement for a current entry on the public register;
  3. specified disclosure obligations; and
  4. relevant provisions of POCA, where applicable.

Secondary market activities
Secondary markets in tokens and their derivatives
Apart from relevant provisions of the DLT Regulations, operating a secondary market platform for trading tokens is not currently regulated in Gibraltar. It is proposed to regulate the conduct of secondary market platforms, operated in or from Gibraltar, that are used for trading tokens and, to the extent not covered by other regulations, their derivatives. The aim is to ensure such markets are fair, transparent and efficient.
The proposed regulations are intended to:
 ensure organised trading takes place only on regulated platforms;
 establish transparency and oversight of secondary token markets;
 enhance investor protection;
 impose conduct of business rules; and
 encourage competition.

The proposed regulations will set out requirements for:
 disclosure to the public of data on trading activity;
 disclosure of transaction data to GFSC; and
 specific supervisory actions concerning tokens and positions on token derivatives.

The scope of this limb of the proposed regulations will cover secondary market trading of all tokenised digital assets including virtual currencies.
This limb of the regulations will be modelled, so far as is appropriate, proportionate and relevant, on market platform provisions under MiFID 2 and MiFIR. Guidance may be issued by GFSC, from time to time, as appropriate.

Authorised secondary token markets
It is proposed that GFSC will authorise and supervise secondary token market operators, and establish and maintain a public register of such operators.
New controlled activity
The proposed legislation will add the controlled activity of operating a secondary market platform used for trading tokens and their derivatives.

Investment and ancillary services relating to tokens
Regulated token investment service
Providing investment and ancillary services relating to tokens is not currently regulated in Gibraltar. It is proposed to regulate the provision of investment and ancillary services in or from Gibraltar and, to the extent not otherwise caught by regulations, their derivatives. The aim is to ensure such services are provided fairly, transparently and professionally.
This limb of the regulations is intended to cover, inter alia, advice on investments in tokens, virtual currencies and central bank-issued digital currencies, including :
 generic advice (setting out fairly and in a neutral manner the facts relating to token investments and services);
 product-related advice (setting out in a selective and judgemental manner the advantages and disadvantages of a particular token investment and service); and
 personal recommendation (based on the particular needs and circumstances of the individual investor).

This limb of the regulations will be modelled, so far as is appropriate, proportionate and relevant, on similar provisions under MiFID 2. Guidance may be issued by GFSC, from time to time, as appropriate.
Authorised token investment services
It is proposed that GFSC will authorise and supervise token investment service providers, and establish and maintain a public register of such providers.
New controlled activity
The proposed legislation will add the controlled activity of providing investment and ancillary services relating to tokens.

Tokens that aren't securities tokens are straightforward to organize in Gibraltar through a local sponsor.

Securities tokens must comply with the local securities law, and organizers of ICO's where tokens are securities do not necessarily have access to the EU market, if Brexit begins to concern Gibraltar as well. Currently Gibraltar's blockchain technology service providers have access to the EU market according to current treaties.

Overall, Gibraltar's position is competitive and the proposed legislation is straightforward – assuming that Brexit won't hinder Gibraltar's political position towards the European Union and the proposal is accepted without great modifications.

-Cyprus

The Cyprus Securities and Exchange Commission (CYSEC) is planning to use blockchain technology to facilitate digital payments. The regulator has established a working group to outline plans for possible regulation that would help to grow the industry.

CYSEC is now working to use blockchain in order to revolutionize the way in which any asset is moved over a foreign exchange. The commission has teamed with Blockchain Technology for Algorithmic Regulation and Compliance (BARAC), an academic and business alliance, furthering the study of ways FinTech can improve the industry.
The commission is also examining how blockchain can be used in crowdfunding. “We think it’s a product, a way to raise small funds to finance start-ups,” said Kalogirou. “2018 is the time to put crowdfunding in place. We have given it priority.”
Industry players relocating to Cyprus could have a competitive advantage, if they can work together with the government towards a solid proposal for regulatory framework.

The general attitude of the government is currently generally positive.

There currently exist no regulations regarding ICO's in Cyprus.

Malta:

The government of Malta is looking into establishing regulations for the cryptocurrency industry and ICO's alike, from a technology-neutral platform.

The government has established a financial action task-force regarding the regulation. Regulation should be complete during 2018.

The regulations as proposed, treat all digital currencies under the same umbrella.

-Non-blockchain digital currencies are rated under the classification of E-Money.
-Cryptocurrencies have their own classification.
-Non-security tokens are generalised as utility tokens.
-Security tokens are classified as securities, which must comply with the securities law.

It is proposed that cryptocurrency and ICO regulation could fall under existing financial services legislation, such as the Investment Services Act. Cryptocurrency services not falling under the existing legal framework would in this respect be unregulated.

Policy-principles in proposed legislation follow guidelines issued by the European Union financial services authority ESMA. Generally it is expected that ESMA takes the first step to issue unilateral regulation before the government of Malta can make a judgment on the subject matter.

MiFID II is assumed to be current legislation.

The general attitude of the government is currently generally positive.

There currently exist no regulations regarding ICO's in Malta.

Malta Financial Services Authority, MFSA is proposing that, in order to achieve the objectives of financial regulation, certain VCs and activities pertaining to them would be licenced and regulated under a new legislative framework to be drafted by the MFSA and adopted by the Maltese Parliament, the Malta ‘Virtual Currencies Act’.

The Virtual Currencies Act and any relevant subsidiary legislation would regulate the carrying on of business associated with VCs falling outside the scope of the existing EU and national financial services legislation and make provision for matters ancillary thereto or connected therewith. The Act would apply a principles-based approach to regulation supplemented by MFSA guidance, rather than detailed rules which would possibly stifle technological innovation.

Before being granted a license, the blockchain, cryptocurrency and ICO services would be subjected to a MiFID -compliance test:

The test is currently being devised by the MFSA, and will form part of the proposed Virtual Currencies Act in order to determine the scope of activity and instruments that would fall under this Act.

Persons involved in Virtual Currencies Activity
This section should be read in line with the following overarching principle: persons involved in virtual currencies activity are required to be ‘fit and proper’, have the competence, sufficient knowledge and expertise, experience, business organisation and systems necessary in the field of information technology, virtual currencies and their underlying technologies, including but not limited to Distributed Ledger Technology.

In circumstances where the Financial Instrument Test indicates that a virtual currency issued through an ICO qualifies as a financial instrument, the issuer is required to comply with the relevant existing EU legislative framework, which may inter alia include the Prospectus Directive, the Markets in Financial Instruments Directive, and the Alternative Investment Fund Managers Directive and national legislation, as applicable.

On the other hand, where the application of the Financial Instrument Test determines that the virtual currencies issued through an ICO does not qualify as financial instruments, the Virtual Currencies Act would be applicable. Similar high level regulatory principles on transparency and merit-based regulation as those currently applicable to securities seeking a listing on a regulated market would apply to ICOs in terms of the Virtual Currencies Act.

Malta considers an unilateral ban on collective investment schemes, unless licensed under the Investment Services Act.

Existing investment services licence holders would be required to set up a subsidiary solely for the purpose of providing services and activities in relation to virtual currencies that do not qualify as financial instruments. The subsidiary would require a specific licence under the Virtual Currencies Act. This is being proposed to ensure complete segregation from the ordinary business of the investment services licence holder, which mitigates the risk of contagion should there be failure in the virtual currency business.

Virtual currencies which qualify as financial instruments under MiFID shall be assessed against the criteria set out under MiFID to determine whether the respective instruments should be classified as complex instruments or otherwise. As an investor protection measure, the MFSA however considers that a virtual currency, which does not qualify as a financial instrument, shall automatically be classified as an instrument akin to a complex instrument as defined under MiFID with protections equivalent to those set in terms of MiFID to be applicable. The Virtual Currencies Act and regulatory framework issued thereunder would provide for the investor protection measures specified above.

Exchanges and similar services must deliver a prospectus, if there are virtual currency offerings that classify as financial instruments being offered on the exchange, as defined in the MiFID. In any other case, the Virtual Currencies Act is applicable.

Institutional investors such as pension funds cannot invest in cryptocurrencies and ICO's in Malta.

Payment services providers dealing in virtual currencies must segregate the business operations completely from payment services business in fiat currencies.

All businesses dealing in virtual currencies are subject to AML regulation.

Conclusion:

Malta has a very positive and constructive outlook on ICO's and the government is open to discussion regarding developing the sector.

ESMA regulation on ICO's (applicable to all listed countries):

https://www.esma.europa.eu/sites/default/files/library/esma50-157-828_ico_statement_firms.pdf