Skadden Discusses New EU and UK Regimes for Regulating Cryptoassets

The European Union and U.K. are establishing comprehensive regimes for the regulation of cryptoassets. The Markets in Crypto-Assets Regulation (MiCA) was published in the Official Journal of the European Union on June 9, 2023, and will come into force on June 30, 2023, though the majority of provisions will apply 18 months thereafter, on December 30, 2024. (The provisions governing stablecoins will apply earlier, starting June 30, 2024.)

The MiCA framework will only be complete once regulatory technical standards (detailing certain aspects of MiCA) are developed. The EU Transfer of Funds regulation was also enacted at the same time as MiCA. Taking effect on December 30, 2024, it incorporates the so-called “travel rule,” which requires both originator and beneficiary information to be shared in crypto transactions, notably regardless of transaction value.

The U.K. published a consultation in February 2023 setting out a framework to regulate cryptoasset activity in the U.K. The approach set out in the consultation is substantially similar to that of MiCA, but legislation is yet to be proposed. Further consultations and draft rules are expected later this year. The U.K. has also proposed to adopt the travel rule for cryptoassets, by way of amendments to its money laundering regulation.

Although there is some divergence between the approach in the EU and U.K., the development of these frameworks is welcome news to the industry and consumers alike, as they create a clear pathway for authorization and regulation and, correspondingly, credibility and trust among crypto users, while requiring cryptoasset firms to adhere to standards similar to those for existing financial services firms.

European Union

Currently, the regulation of cryptoassets in EU member states is a patchwork. From an anti-money laundering perspective, the Fifth Anti-Money Laundering Directive (5MLD), which came into force in January 2020, sets out a framework requiring exchanges and custodian wallet providers to obtain registration with relevant local regulatory authorities. 5MLD-registered firms are required to take specific steps to combat money laundering, including by:

  • Conducting customer due diligence to regulatory standards.
  • Establishing beneficial ownership.
  • Designating a money laundering reporting officer.
  • Training staff and retaining records relating to compliance with these obligations.

However, there are important differences in interpretations of 5MLD by member states. Notably, the types of cryptoassets that are captured by 5MLD in each jurisdiction diverge — for instance, there is inconsistent treatment of NFTs. Further, although the default rule is that 5MLD will only capture cryptoasset activity of firms within a member state, some countries have gone further and require local registration by firms providing products and services across borders. Such regulation could therefore capture, for example, U.S.-domiciled firms providing cryptoasset products and services to customers based in that jurisdiction.

Most member states chose not to implement specific regulations for cryptoassets. But beyond the scope of anti-money laundering measures, there are exceptions to this approach. Germany and Malta, for instance, have their own regimes regulating cryptoassets. Those regimes will soon be superseded by MiCA.

MiCA takes inspiration from existing EU financial services regulatory systems and will govern almost all activities relating to cryptoassets, including:

  • Custody and administration.
  • Operation of a trading platform.
  • Exchange for fiat, or other cryptoassets.
  • Execution of orders on behalf of clients.
  • Placing.
  • Reception and transmission of orders.
  • Offering or giving personalized advice.
  • Portfolio management.
  • Provision of transfer services on behalf of clients.

Further, MiCA will also regulate the offering, issuance and marketing of cryptoassets, and require the publication by the trading venue of a white paper, which provides information specified by regulation and is approved by the local regulator.

Where the offering, issuance or marketing concerns asset-referenced tokens (ARTs) or e-money tokens (EMTs), entities subject to the regulations will need to also meet certain requirements regarding matters such as relating to reserve requirements, segregation, governance, policies and procedures, conflicts handling and capital.

Firms that are currently authorized as investment firms under the EU’s Markets in Financial Instruments Directive (MiFID) or as electronic money institutions under the Electronic Money Directive (EMD) will be able to benefit from a transitional period. Credit institutions will not require any further authorization for any cryptoasset service at all, and investment firms will not be required to seek additional approval for services equivalent to the investment activities for which they are currently authorized. Electronic money institutions will also benefit from an abridged procedure for obtaining authorization.

United Kingdom

Currently in the U.K., only instruments with characteristics of traditional financial services instruments are subject to U.K. authorization requirements. Most cryptoassets fall outside of those. The U.K. has implemented the EU’s 5MLD and taken it one step further to include a wider range of cryptoassets than 5MLD encompasses. Further, the regulations also capture any activity that involves crypto-for-crypto or fiat-for-crypto transactions.

Registration applications by cryptoasset firms under the U.K. anti-money laundering regulations have received heightened scrutiny from the Financial Conduct Authority (FCA) compared to other registration applications. This can be attributed partly to the perceived financial crime risks associated with the cryptoasset sector and potentially reflects the FCA’s reservations about the industry. Currently, only 42 firms in the U.K. have successfully obtained registration, with over 85% of applications being rejected. The time required for registrations varies widely, with the approval process ranging from 12 to 18 months for some firms, even where registration is granted.

In relation to the development of a wider cryptoasset licensing regime, the U.K. government has proposed a phased approach:

  • First phase: Would require issuers and custodians of “fiat-backed stablecoins” to be authorized by the FCA.
  • Second phase: Would set out a comprehensive framework for the regulation of all cryptoasset activity in the U.K.

There is currently some variation between MiCA and the U.K.’s regulatory approach. MiCA’s approach to stablecoins extends to asset-backed stablecoins as well as fiat currency-backed stablecoins. Further, MiCA covers advice and portfolio management activities, which the U.K. proposals do not include.

These disparities may be reconciled in future phases of the U.K.’s legislative agenda, which will afford an opportunity for alignment with the MiCA framework. The differences may therefore relate primarily to timing rather than the underlying scope and substance of the regulatory frameworks.

Contrast With the United States

While the EU and U.K. approaches to cryptoassets vary somewhat in detail and speed of implementation, both are on a path to bringing cryptoassets firmly within the financial regulatory perimeter. This is in stark contrast to the current enforcement-based approach in the U.S., where there is no overarching regulatory regime. Agencies such as the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) have asserted jurisdiction over various cryptoasset activities and businesses through enforcement actions brought under existing securities and commodities laws.

In Sum

It remains to be seen how cryptoasset firms will approach such differing regulatory approaches as they seek to manage their offerings to customers around the world. The lack of convergence on the scope and substance of cryptoasset regulation will pose challenges for many cryptoasset businesses that will need to be equipped to navigate a fluid and fragmented global regulatory landscape. The recently published International Organization of Securities Commissions (IOSCO) proposed policy recommendations provides a minimum set of regulatory standards for regulatory frameworks to adhere to and is one step toward greater harmonization.

This post comes to us from Skadden, Arps, Slate, Meagher & Flom LLP. It is based on the firm’s memorandum, “EU and UK Move Forward With Comprehensive Regulatory Regimes for Cryptoassets,” dated June 2023, and available here.