Germany is taking on a special role in Europe and globally when it comes to blockchain regulation. The German Government decided last year that Germany would strive to become an internationally well-known hotspot for businesses with business models that are connected to or based on blockchain technology or cryptocurrencies. Germany tries to achieve this among other things by tailor-made regulations for blockchain related subjects. The transposition of the fifth European AML directive into German law for example went far beyond what was required by the European legislator. As a result, the custody of crypto assets for customers is a financial service that is subject to authorization since January 1st of 2020. But also other business models that are connected to crypto assets cannot be operated in Germany without the prior BaFin authorization. This applies to e.g. the operation of Bitcoin ATMs and crypto exchanges as well as to the offering of investment advice or investment brokering services for crypto assets. But at what point foreign services are subject to authorization?



The German Banking Act is applicable to companies from the crypto industry that have their registered headquarter in Germany. These companies are therefore also obligated to obtain an authorization if they offer crypto related financial services. The obligation to apply for a BaFin authorization can alternatively also apply to foreign providers that neither have a registered place of business nor a branch office in Germany. BaFin states in its long-standing administrative practice that foreign providers of banking and financial services are subject to authorization, if they target the German market in order to repeatedly and commercially offer services that are subject to authorization to domestic enterprises and persons. The crypto providers are obligated to apply for a BaFin authorization in accordance to the German law in these cases. The option of EU-passporting an authorization for financial services that has been granted in another EU member state is not possible for this kind of crypto-related businesses. The reason is that the regulation of services in regard to crypto-related business models is not homogenously within the European Union.



The administrative practice of BaFin answers this question by giving numerous criteria by which the individual case can be assessed. The assessment whether a sufficient connection to Germany is given will always be decided by the circumstances of the individual case. The most important indications for BaFin that a sufficient “targeting” of the German market is given in case of a provider in order to justify an obligation to obtain an authorization are: the content of a website or of marketing tools that are used by the provider; whether the provider uses sales assistances that operate in Germany; whether German customers contacted via social media, messenger services, email, traditional print media or in any other way promoting the financial services. On the other hand, the administrative practice of BaFin accepts that a passive serving of German customers in a way that the customers initiatively demand the services from the crypto service provider instead of being actively targeted constitutes an admissible case of reverse soliciting. In such cases, a BaFin authorization in accordance to the German Banking Act will not be required.


Attorney Lutz Auffenberg, LL.M. (London)





The FIN LAW Newsletter provides you with all blog articles of the month via monthly e-mail. Our newsletter is published regularly at the beginning of every month. Feel free to sign in to the FIN LAW Newsletter by clicking the button below. Of course can can sign off at any time if you do not wish to receive our newsletter anymore.