To be or not to be (a security) – The latest from Europe on ICO regulation

Following the rapid inflow of money into Initial Coin Offerings (ICOs), increased interest in ICO regulation in one form or another was only a matter of time. And regulators around the globe have contributed to the question of token classification and investor protection extensively. The same is true for some national regulators in Europe that have issued investor warnings about the risks of investing in cryptocurrencies and ICOs, but the European authorities have largely been silent on the subject so far. But now the European Securities and Markets Authority (ESMA) has spoken and given an indication where things might be moving for ICOs in the European Union.

The latest in ICO regulation?

The Trend is your Friend

The trend is your friend. One of the golden rules of investing seems to be true for the recent regulatory activities regarding cryptocurrencies and ICOs. Many regulators have published their two cents on the subject, most in the form of consumer and investor warnings about the risks of investing in cryptocurrencies, like the British FCA, for example. Others have contributed to some extent to the discussion about the nature of tokens, i.e. if and when they should be considered financial instruments, securities, commodities etc. The SEC decision in July in its DAO report or the MAS statement from 1 August, in which the central bank of Singapore clarified that tokens should be considered financial instruments. And then there was the Chinese response to ban any future Initial Coin Offerings and order trading platforms and cryptocurrency exchanges to cease their activity.

The regulatory authorities of the European member states have been reluctant to share their thoughts on the issue. The Italian regulator, CONSOB, for instance, confirmed to PlanetCompliance that to an extent it was less a national but more so a European matter and as such it was waiting for news from Brussels (or Strasbourg or Paris if you will) that might explain the reluctance of national institutions to potentially overstep their competence. But if you look closely at you can see a pattern and you might have had a good idea about what the response from ESMA on the question of how the European regulators thinks about the issue could look like.

The European answer?

The Paris based organisation issued on 13 November two statements on the subject. In the first one, it alerted investors of the high risk of losing all of their invested capital, as “ICOs are very risky and highly speculative investments”. ESMA also remarked that “ICOs are also vulnerable to the risk of fraud or money laundering”.

In the second statement, ESMA addressed the makers behind ICOs and advised them that contrary to popular belief they might not be operating in an unlegislated area. The financial watchdog made in clear that it is likely that firms involved in ICOs conduct regulated investment activities, where ICOs qualify as financial instruments. As such, firms conducting such an activity will need to comply with the relevant legislation.

Shedding some light

Making a mountain out of a molehill

The ESMA guidance doesn’t stop there though. Instead, the statement also outlines four key EU rules that are likely to apply, though ESMA makes it clear that it is not an exhaustive list and points as well to national rules that may be applicable.

The first set of rules the ESMA statement points to is the Prospectus Directive, which aims to ensure that adequate information is provided to investors by companies when raising capital in the EU. Unless there is a case for an exemption it requires the publication of a prospectus document that contains the material information for an investor to make an informed assessment of the facts in an easily analysable and comprehensible form. Depending on the ICO structure the coins or tokens could fall within the definition of a transferable security. That in turn means that a prospectus would need to be published and approved by the appropriate regulator.

ESMA then pointed to the Markets in Financial Instruments Directive (MiFID) in its current form as the framework that may be applicable. MiFID stipulates that a firm that provides investment services/activities in relation to financial instruments as defined by MiFID needs to comply with MiFID requirements. These requirements were already quite significant, but will be taken to a whole new level when MiFID II will apply from 3 January 2018 on. ESMA advised that in “the case of ICOs, where the coin or token qualifies as a financial instrument, the process by which a coin or token is created, distributed or traded is likely to involve some MiFID activities/services, such as placing, dealing in or advising on financial instruments”. Therefore, the “organisational requirements, the conduct of business rules and the transparency requirements laid down in MiFID would then apply, depending in some cases on the services provided”.

Thirdly, ESMA referred to the Alternative Investment Fund Managers Directive (AIFMD) as a potential area of rules that may be applicable. AIFMD lays down the rules for the authorisation, ongoing operation and transparency of the managers of alternative investment funds (AIFMs) which manage and/or market alternative investment funds (AIFs) in the Union. Again it all depends on the actual structure of an ICO, which needs to be considered on a case-by-case basis rather than on a general rule. If an ICO qualifies as an AIF though, to the extent that it is used to raise capital from a number of investors, with a view to investing it in accordance with a defined investment policy, (think the DAO), it would have to comply with AIFMD and in particular, with the capital, operational and organisational rules and transparency requirements of the Directive.

Lastly, ESMA highlighted the need to comply with Anti-Money Laundering regulations, i.e. the Fourth AML Directive. The Directive requires firms to carry out due diligence on customers and to have in place appropriate record-keeping and other internal procedures, which should be high on the list of ICOs in any case, especially if they wanted to avoid the more draconian US laws in that respect.

As ESMA has stressed, the list of potentially applicable regulations and laws doesn’t end there. Other aspects such as Data Protection or Outsourcing also need to be considered and could well be applicable depending on the respective structure.

Where now from here?

Former American diplomat Henry Kissinger has been credited with the expression “Who do I call if I want to speak to Europe?” and today things are still far from obvious in terms of a single voice. ESMA has taken the baton, but the European Parliament, the Commission and possibly other institutions are likely to have their thoughts on cryptocurrencies and initial coin offerings. With this in mind and the rather wobbly advice given by ESMA, ICOs in the European Union would need to brace themselves for a large number of potentially applicable rules. While this is not new and something we have highlighted before, it still seems to come as a surprise to some.

In any case, a comprehensive analysis of the regulatory impact of an ICO needs to be at the top of the list of priorities of anyone considering or launching a token offering. Believing that ICOs are still the Wild West and that regulation might not them is in the best case negligent, but certainly no excuse when the authorities come knocking.