Monday, May 30, 2022
In our latest briefing on ‘MiCA’ the European Union’s proposed Regulation of Markets in Crypto-Assets, we noted some of the regulatory requirements for firms classified as a crypto-asset service providers (“CASPs”) or crypto-asset issuers under the new legislation.
One such requirement under Title II, III, IV and V of the draft regulations is the obligation to publish a white paper. Many in the crypto community will be familiar with the term ‘white paper’, stemming initially from the now infamous Bitcoin white paper published by Satoshi Nakamoto in late 2008. For those unfamiliar with the term, it is essentially a prospectus of sorts which sets out the aims, purpose and technology behind the cryptocurrency or blockchain project at hand. Whilst many CASPs and crypto-asset issuers have long been issuing white papers in respect of their ICOs/STOs (often without compliance with any regulatory structure – due perhaps to an absence of tailored legislation), MiCA now provides a substantive framework to be adhered to.
Different rules will attach to white papers under the new regulatory package depending on the type of service provided and also the type of token being issued. We explore what this will mean in practice for firms operating in this space.
Classification of tokens
For a number of years now, the idea of ‘tokenisation’ of products and services has been growing in the Blockchain community and at times has been met with opposition by regulators, especially surrounding the security vs utility token divide.
At a basic level, a ‘token’ may share similarities to a ‘coin’ in that it can represent a store of value similar to regular fiat (traditional currency), however ‘tokens’ can represent much more, including for example in a company, voting rights, property rights and access to future products and services. Different categories of tokens have therefore emerged, though they largely fall into two camps – utility and security tokens, with the classification of such having important consequences for both issuers and investors. MiCA expands on existing terminology and defines a number of particular types of token:
It is important to note that ‘security’ tokens are not dealt with by MiCA as these tokens are considered financial instruments and are caught be existing legislation such as the Prospectus Directive, Markets in Financial Instruments Directive (MiFID) and the Electronic Money Directive (EMD).
White paper and additional requirements
Firms that issue ‘asset-referenced’, ‘electronic money’ or ‘utility’ tokens must all produce white papers in line with MiCA requirements. In addition, further requirements attaching to these white papers may also apply (depending on the particular token involved) such as prior approval by a competent national authority.
MiCA leaves it up to Member States to designate their own competent national authority, but the legislation provides a list of wide-ranging administrative, supervisory and punitive powers for these competent authorities. The competent authorities will cooperate closely with the EBA (European Banking Authority), ESMA (European Securities and Markets Authority) and the other Member States authorities in their investigation, supervision and enforcement activities.
Crypto/blockchain businesses must be prepared for their reporting and regulatory requirements, as some are more onerous than others. For example:
Utility v security token
Issuers of utility tokens must also be aware that MiCA states that the white paper must be notified to national competent authorities not less than 20 working days before publication for an assessment whether the crypto-asset in question is in fact a financial instrument, therefore making it a ‘security token’ and subject to MIFID.
In the USA, the SEC has highlighted on a number of occasions, notably in SEC vs KIK, that the distinction between a ‘utility’ and security’ token can often be fine lines. The US Supreme Court’s ‘Howey’ test is often a good starting point to aid interpretation, but it will be interesting to see how this will play out in practice across EU member states and how stringent national authorities will be.
Crypto and blockchain businesses that operate in the ‘utility token’ space, which does make up a sizeable majority of the market, must understand that simply stating that a crypto asset is a ‘utility’ token rather than a ‘security’ token may not suffice. Failing to give proper thought to the tokonomics could cause significant issues and legal advice should always be obtained to clarify whichever camp (utility/security) it falls into.
Regulatory obligations, such as the requirement to register as a VASP in Ireland and FCA registration requirements within the UK if you operate an exchange, already apply to larger and more established crypto/blockchain focused businesses and MiCA should not cause too many issues in terms of further compliance protocols. However, smaller firms that incorporate tokens to access their products and services must be aware of how MiCA (or potentially MIFID) classify and regulate token offerings, particularly if their business grows and the value of their ‘tokens’ grow with it.
For more information in relation to this article please contact partner Andrew Tzialli.