Initial meeting

Category: blog EN

Jan 20, 2020

Crypto Assets – What is that Exactly?

[et_pb_section fb_built=”1″ admin_label=”section” _builder_version=”3.22″ global_colors_info=”{}”][et_pb_row _builder_version=”4.10.6″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.10.6″ _module_preset=”default” global_colors_info=”{}”][et_pb_button button_text=”for German version click here” _builder_version=”4.10.8″ _module_preset=”default” custom_button=”on” button_text_size=”13px” button_border_width=”1px” button_border_radius=”0px” hover_enabled=”0″ global_colors_info=”{}” button_url=”/kryptowerte-was-ist-das-eigentlich-genau/” sticky_enabled=”0″][/et_pb_button][/et_pb_column][/et_pb_row][et_pb_row admin_label=”row” _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” global_colors_info=”{}” custom_padding__hover=”|||”][et_pb_text admin_label=”Text” _builder_version=”3.27.4″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” global_colors_info=”{}”]

Since the beginning of the year, Germany has a new regulated financial instrument. With the regulation of crypto assets the German legislator regulates digital representations of value that are neither issued nor guaranteed by a central bank nor any other public authority and that do not possess the legal status of currency or money, but are accepted by natural or legal persons as a means of exchange or payment on basis of an agreement or actual practice or which serves investment purposes and which can be stored, traded and transferred electronically. Commercial activities on the basis of or in relation with such instruments may, as of this year, be subject to authorization for the providers of such services in accordance to the German Banking Act (KWG). But which products and services exactly are the subject of this rather wordily definition? Are now all blockchain units in Germany regulated can and possibly trigger BaFin authorization obligations when being subject to financial services?

DEFINITION OF CRYPTO ASSETS WITHOUT A SPECIFIC RELATION TO BLOCKCHAIN

The major example for crypto assets is Bitcoin. The legislator had in mind the most successful cryptocurrency and comparable blockchain units when he decided to introduce the new category of financial instruments into German banking regulatory law. Even so, the definition does not only apply to blockchain based units of value and mentions neither blockchain technology nor any other distributed ledger technologies as a mandatory technical prerequisite for crypto assets. In the spirit of a technology neutral approach the wording of the definition is sufficiently abstract to also cover representations of value that are based on new and future, nowadays not even existing technologies. A decentralized operating mode is also not required by the definition in order to define a product as a crypto asset. It is therefore possible for centralized issuers to generate and distribute crypto assets as long as the issuer is not a central bank nor a public authority and as long as the specific design of the digital representation of value does not qualify as e-money.

ARE CURRENCY TOKENS CRYPTO ASSETS?

Cryptocurrencies with a decentralized design that are designed to be used as an alternative means of payment are, according to the definition, in principal crypto assets. To the extent however that currency tokens being represented by a smart contract are designed as e-money meaning that the issuing and the transfer of the tokens are executed on a blockchain but the issuer of the currency tokens offers the exchange of the tokens against legal tender at all times and that the tokens are accepted by others than the issuer as a means of payment, the KWG precludes in sec. 1 subsection 11 sentence 4 the classification of the tokens as crypto assets. These tokens are classified as e-money and are therefore regulated as such under the Payment Services Act (ZAG).

CAN UTILITY TOKENS BE CRYPTO ASSTS?

An interesting question is, if utility tokens which were extremely popular at the height of the ICO-hype in 2017 can also be classified as crypto assets under this definition. Utility tokens grant their bearers no monetary or shareholder rights but instead can be used as payment for services and goods exclusively within the business model of the issuer or as a voucher in a comparable way. According to sec. 1 subsection 11 sentence 4 KWG, these units are also not crypto assets if for example they can only be used for the purchase of goods and services of a single provider or a specific network of providers (e.g. shopping center) or for a very limited range of goods and services. These exemptions basically correspond with BaFins administrative practice that was in place prior to the introduction of crypto assets as financial instruments. BaFin, under the previous legal situation, did not qualify utility tokens as units of account and therefore not as financial instruments.

WHAT ABOUT SECURITY TOKENS?

Security tokens, meaning digital units of value of which the ownership is connected to investor rights, such as e.g. claims for repayment or for an interest payment, pose a difficult special case. The first explanatory memorandum of the Federal Ministry of Finance for its draft legislation for the introduction of crypto assets stated that crypto assets are subsidiary to other financial instruments of the KWG so that digital representations of value that meet the requirements of any other financial instrument would not be qualified as crypto assets but as the other financial instrument instead. The wording in the draft legislation included an according subsidiary clause for crypto assets. The subsequently following governmental draft, according to its explanatory memorandum wanted to keep the legal effect of crypto assets to be subsidiary vis-à-vis other financial instruments. However, the wording of the proposed legislation did not include it anymore. Therefore, it is questionable if security tokens can now be e.g. debenture bonds and crypto assets at the same time. The only thing that is for sure is that security tokens are, in one way or another, financial instruments according to the KWG.

Attorney Lutz Auffenberg, LL.M. (London)

I.  https://fin-law.de

E. info@fin-law.de

OUR BLOG ARTICLES IN A MONTHLY NEWSLETTER?

The FIN LAW Newsletter provides you with all blog articles of the month via monthly e-mail. Our newsletter is published regularly at the beginning of every month. Feel free to sign in to the FIN LAW Newsletter by clicking the button below. Of course can can sign off at any time if you do not wish to receive our newsletter anymore.

[/et_pb_text][et_pb_button button_url=”https://subscribe.newsletter2go.com/?n2g=bnenflo7-3kepbm9f-9g1&_ga=2.76407708.842992497.1570698390-510082309.1569668016″ url_new_window=”on” button_text=”SIGN IN FOR NEWSLETTER” _builder_version=”4.9.10″ _module_preset=”default” custom_button=”on” button_text_size=”13px” button_text_color=”#FFFFFF” button_bg_color=”#333233″ button_border_width=”10px” button_border_color=”#333233″ button_border_radius=”0px” button_letter_spacing=”2px” button_font=”|700||on|||||” button_use_icon=”off” animation_style=”zoom” global_module=”775″ global_colors_info=”{}”][/et_pb_button][/et_pb_column][/et_pb_row][/et_pb_section] subscribe to Newsletter

    Contact

    info@fin-law.de

    Jan 13, 2020

    Let´s Build a Crypto Custodian (Part IV) – What do Foreign Crypto Custodians have to Consider?

    With the introduction of crypto custody services as a financial service that is subject to authorization, Germany positioned internationally as a location with clear and definite laws for the blockchain-business. Even though the German solo effort led to a still inconsistent crypto regulation throughout the continent which in terms of market harmonization within the EU is not beneficial, German crypto custodians, as of 1st January 2020, at least profit from a clear legal situation. Crypto assets are now clearly defined as financial instruments according to the German Banking Act (KWG) and the offering of crypto custody services for customers is a financial service that is subject to authorization. Not only German but also foreign businesses that intend to offer crypto custody solutions for crypto assets to German customers are interested in obtaining a BaFin license for crypto custody services. Therefore, it is highly relevant for these businesses to know if BaFin places additional requirements on non-German businesses in order for them to obtain a license for crypto custody services and how the BaFin application process can be conducted.

    NO EU PASSPORTING: GERMAN CORPORATION OR A BRANCH OFFICE?

    Since there is no legal basis in the EU directives and regulations for defining crypto custody services as financial services that are subject to authorization but the German legislator still opted to do so, a passporting of the license for crypto custody services neither to nor from Germany is possible. Therefore, businesses that intend to offer such services have to apply for BaFin authorization. The KWG stipulates that BaFin cannot approve an application of non-German companies that apply for authorization to offer a financial service in Germany if the company in question does not have its central administration in Germany. Non-German businesses are left with only two options. They can either establish a German company as a subsidiary which then, as a German company with a central administration in Germany, applies for authorization or, as an alternative, they can establish a branch office in Germany. A branch office is a subsidiary of a non-German company that operates without a German GmbH or AG or any other German corporation form. The branch office therefore is legally dependent and not a legal entity itself. According to the KWG, branch offices are however considered to be institutes in the sense of the German banking regulations if they intend to offer crypto custody services or other financial services that are subject to authorization. In this constellation the branch office would file the application.

    WHAT ARE THE DIFFERENCES FOR THE BAFIN APPLICATION PROCESS?

    If a German subsidiary corporation is founded for the purpose of applying for a license to offer crypto custody services, the application requirements are basically comparable to those of a “regular” application. A special requirement however must be fulfilled if the foreign parent company is a credit institution that is regulated and authorized in its home country. In that case, an authorization can only be granted if the foreign supervising authority accepts the founding of the branch in Germany. The branch office has to prove the consent of the supervisory authority of the parent company to BaFin. If the business instead chooses to apply for the license through a German branch office, additional requirements have to be met. This includes that the branch office has to keep special record of the ongoing business activities in order to report to BaFin and the Bundesbank for the ongoing supervision. Keeping one single record with the parent company is not sufficient. Furthermore, the place of jurisdiction at the branches’ facilities for lawsuits by customers and business partners against the branch office cannot be excluded contractually, so that plaintiffs always have the opportunity to sue the branch office at its location.

    Attorney Lutz Auffenberg, LL.M. (London)

    I.  https://fin-law.de

    E. info@fin-law.de

    Read More:

    Let´s Build a Crypto Custody (Part I) – What Qualification is Required by the Management?

    Let’s Build a Crypto Custodian (Part II) – How Much Regulatory Starting Capital Does a Crypto Custodian Require?

    Let’s Build a Crypto Custodian (Part III) – What Requirements Will BaFin Place on Risk Managing Strategies?

    subscribe to Newsletter

      Contact

      info@fin-law.de

      Jan 06, 2020

      Between the Poles – Is Blockchain-based E-Money not a Crypto Asset?

      Nowadays, there are many different ways in which money is digitally usable. Scriptural money can only be created virtually by credit institutions and is used among the involved payment institutions in electronical form whenever a payer initiates a transaction. Also on the side of the payment initiating payer digital tools such as banking apps are used. In addition to scriptural money there is another legal form of digital money in the European Union. Since the first e-money directive 2000/46/EC came into effect, which in the meantime has been repealed by the second e-money directive 2009/110/EC, e-Money is defined as every electronically, including magnetically stored monetary value as represented by a claim against the issuer which is issued on receipt of funds for the purpose of making payment transactions, and which is accepted by a natural or legal person other than the electronic money issuer. Since the creation of Bitcoin in 2009, there are blockchain based payment units, that can also be considered as a digital form of money. With scriptural money, e-money and cryptocurrencies there are at least three different forms of digital money.

      E-MONEY CAN BE ISSUED ON A BLOCKCHAIN BASIS

      Interestingly, the definition of e-money according to the e-money directive does not preclude the issuing of e-money on a blockchain basis. It is legally and technically possible for a central administrating issuer to create a smart contract on a blockchain and issue standardized and tokenized payment tokens. If the issuer would guarantee the possibility to exchange these tokens back at any time into legal tender, they would qualify as e-money according to the definition. The decentralized allocation and storage of the tokens would not lead to a different result, since the definition only requires the storage of the units. Therefore, the tokens would not necessarily have to be stored with the emitter. But would these e-money tokens also fall under the definition of the new financial instrument of crypto assets and would they therefore be both, e-money and a financial instrument according to the German Banking Act (KWG)?

      BLOCKCHAIN-BASED E-MONEY WOULD NOT BE A CRYPTO ASSET

      According to the newly introduced definition in the KWG, crypto assets are digital representations of value that is not issued or guaranteed by a central bank or any other public authority and does not possess the legal status of currency or money, but is accepted by natural or legal persons as a means of exchange or payment on basis of an agreement or actual practice or which serves investment purposes and which can be stored, traded and transferred electronically. According to this definition, e-money tokens can be crypto assets. The scope of the definition is restricted in the second sentence of the definition itself which states that e-money units are not crypto assets. A qualification of e-money tokens as crypto assets is therefore impossible according to the legal wording. If a service provider would offers to customers the storage of their e-money tokens, a BaFin authorization for crypto custody services would not be required.

      SO E-MONEY TOKENS WOULD NOT QUALIFY AS FINANCIAL INSTRUMENTS ACCORDING TO THE GERMAN BANKING ACT?

      E-money tokens as a form of e-money would also be subject to the German Payment Services Act (ZAG), in which the German legislator integrated the provisions from the second e-money directive. As shown above, the tokens could not be defined as crypto assets. That however does not automatically mean that e-money tokens cannot qualify as financial instruments according to the KWG at the same time. Under its administrative practice, BaFin qualifies e-money units as units of account and therefore as financial instruments in the sense of the KWG. Providers that e.g. offer brokerage services in regard to e-money tokens or the option to buy and sell e-money tokens on a regular basis and commercial scale can therefore be subject to BaFin authorization according to the KWG. The mere custody of e-money tokens for customers on the other hand would not be subject to authorization, because the KWG requires an authorization only for custody services regarding fiat money, securities or crypto assets.

      Attorney Lutz Auffenberg, LL.M. (London)

      I.  https://fin-law.de

      E. info@fin-law.de

      subscribe to Newsletter

        Contact

        info@fin-law.de

        Dec 30, 2019

        Crypto Assets and AML – When are Crypto Businesses Subject to the German Money Laundering Act?

        As of 2020 the German legislator is going to introduce crypto assets into the German Banking Act (KWG) as a new form of financial instruments and crypto custody services as a new form of financial service which is subject to authorization. Basis for these legal innovations is the amending directive to the fourth European Anti-Money Laundering Directive commonly known as the fifth AML Directive. While transposing the directive into national law, the German legislator exceeded the directive’s requirements. According to the wording, the directive requires the member states to introduce a definition for virtual currencies rather than for crypto assets and the introduction of a financial service such as the crypto custody service, which is subject to authorization, is also not explicitly required by the directive. With regards to virtual currencies, the focus of the EU directive was to subject service providers that are either engaged in exchange services between virtual currencies and fiat currencies or that provide custodian wallets for virtual currencies to the AML regulations of the member states. The EU legislator wanted the aforementioned service providers especially to be obliged to verify their customers identity via the so called Know-Your-Customer (KYC) procedure. Further on, the directive should ensure that the service providers implement sufficient risk management and adequate documentation procedures. But which businesses are now subject to the German Money Laundering Act (GWG) since the German legislator did not transpose the provisions of the fifth AML Directive literally?

        CRYPTO EXCHANGES WERE SUBJECT TO THE GERMAN AML ACT EVEN BEFORE THE TRANSPOSITION OF THE FIFTH AML DIRECTIVE

        In contrast to the other EU member states, Germany officially defined most cryptocurrencies already since 2013 as financial instruments as defined in the KWG, because BaFin stated early that they qualify Bitcoins and comparable cryptocurrencies as units of account and therefore as financial instruments according to the KWG. The regulation of units of account, such as special drawing rights of the International Monetary Fund or the predecessor of the euro, the “European Currency Unit” (ECU), are specific features of the German banking regulatory law and are not intended by the European directives. The qualification of cryptocurrencies as units of account results in the fact that the commercial exchange of cryptocurrencies, under certain circumstances, is qualified as a financial service, so that the service providers qualify as financial service institutions and therefore are subject to BaFin authorization long before the transposition of the provisions of the fifth European AML Directive into German law. According to the GWG, all financial service institutions are obligated to identify and verify customers via KYC procedure, implement a risk management for prevention of money laundering, notify the competent authorities when suspicion of money laundering arises and fully and adequately document these procedures. Crypto exchanges in Germany therefore had to fulfill the GWG requirements long before the transposition of the fifth European AML Directive came into effect. In addition to that, they are obligated to obtain BaFin authorization if they intend to offer their services in Germany on a commercial scale.

        CRYPTO CUSTODY SERVICES WILL BE SUBJECTED TO THE GERMAN AML ACT IN 2020

        Crypto custody services were not subject to authorization prior to the transposition of the fifth European AML Directive in Germany. The KWG did not qualify the custody of units of account as a service that is subjected to authorization. Providers of custody services for cryptocurrencies or other virtual currencies therefore could offer their services without prior BaFin approval. They were considered as unregulated service providers and not as financial service providers and consequently were also not subjected to the regulations of the GWG. This changes with the introduction of the crypto custody service as a financial service. As of 2020, service providers that safeguard crypto assets for customers on a commercial scale will be qualified as financial service institutions and will therefore have to comply with the provisions of the GWG as well.

        WHAT ABOUT OTHER BUSINESSES WITH CRYPTO RELATED BUSINESS MODELS?

        Not only crypto exchanges and crypto custody service providers are already or will be obligated to fulfill the GWG requirements as of the year 2020. Since units of account and the soon to be introduced crypto assets are financial instruments according to the KWG, businesses that intend to offer either purchase and selling services, commission services or advisory services regarding these financial instruments on a commercial scale will in many cases be regulated as financial service institutions or even as banks and will therefore be obligated to fulfill the AML requirements of the GWG.

        Attorney Lutz Auffenberg, LL.M. (London)

        I.  https://fin-law.de

        E. info@fin-law.de

        subscribe to Newsletter

          Contact

          info@fin-law.de

          Dec 23, 2019

          Let’s Build a Crypto Custodian (Part III) – What Requirements Will BaFin Place on Risk Managing Strategies?

          r authorization for the new financial service of crypto custody services. Several national and international market participants already display a keen interest in obtaining the authorization for said financial service. Even though it remains to be seen which companies actually apply for authorization and which of those applicants will be approved by BaFin, it nonetheless seems likely that in the course of 2020 several companies will be authorized for crypto custody services, so that crypto custody from then on will take place under BaFin supervision in Germany. Since the legislator took his time with the final version of the amendments to the German Banking Act (KWG), the authority did not have a lot of time to develop an administrative practice for the authorization and supervisory process. Since the crypto custody service is hardly comparable to any other regulated financial or banking service, BaFin has to apply due diligence when developing the requirements to be demanded under the ongoing supervision of crypto custody services in the future. One of the main aspects will be the risk managing strategy of crypto custody service providers since these businesses are subject to very specific risks compared to other institutions.

          WHAT ARE THE GENERAL FACTORS THAT MUST BE MET BY FINANCIAL SERVICE PROVIDERS REGARDING THEIR RISK MANAGING STRATEGY?

          The establishment, implementation and constant development of an adequate risk managing strategy is a key aspect of financial services supervision. The KWG requires financial institutions to develop and implement a procedure to determine and ensure its risk-bearing capacity. A careful and restrictive determination of the risks and the necessary risk coverage potential has to be the basis for the aforementioned procedures. In principle, the institutions are obliged to autonomously decide on how they implement the legislative requirements. BaFin as the supervisory authority is merely tasked to reprehend grievances and intervene if it comes to the conclusion that an institution does not fulfill the aforementioned legislative requirements. In order to facilitate the fulfilment of these obligations, BaFin substantiated its administrative practice and published the minimum supervisory requirements to risk management (MaRisk). Therefore, supervised institutions know what the competent authority requires of them and can navigate along the requirements of the MaRisk when developing their risk managing strategy. In addition to the specifications regarding the general risk managing strategy and risk-bearing capacity, the MaRisk also includes the minimum requirements for the design of internal monitoring systems and stress tests as well as design and process requirements for the technical and staff capacities and IT-emergency plans.

          WHAT ARE THE ADDITIONAL RISKS THAT CRYPTO CUSTODY SERVICE PROVIDERS WILL FACE?

          Crypto custody service providers in comparison to other financial service providers will face additional, crypto-specific risks. One of those crypto-specific risks is the risk of losing the private keys to customer’s crypto assets, especially since these keys cannot be replicated and losing the private key equates to losing the crypto asset itself. The risk managing strategy of crypto custody service providers will therefore have to address this issue extensively. Another aspect that has to be addressed in the risk managing strategy of crypto custody service providers will be the adequate protection against unauthorized third party access of customer private keys, since the knowledge of the private key equates to the possibility of disposition regarding the associated crypto asset. If a third party obtains knowledge of the private key, they will have the option to transfer the associated crypto asset to another wallet and therefore finally deprive it from the crypto custody service provider’s area of disposition. It must be taken into consideration that attacks on custody wallets are not necessarily unrelated third party attacks from outside but potentially can also be executed internally by employees. Crypto custody service provider will have to protect themselves from these risks through the usage of multisig-wallets and careful selection of employees with access rights. Another question that will arise with regards to the IT-equipment is to what extend the systems can be connected to the internet or to cloud solutions to minimize the danger of external hacker attacks.

          BAFIN DEVELOPS ADMINISTRATIVE PRACTICE REGARDING CRYPTO CUSTODY SERVICES

          BaFin already announced that it is developing an administrative practice concerning crypto custody services. Companies that already expressed interest in applying for authorization to conduct crypto custody services will be individually informed by BaFin as soon as the authority substantiated its administrative practice in order to allow the future applicants a thorough and comprehensive application preparation. This will certainly take a while. Nonetheless, future crypto custody service providers should start to grapple with the requirements now in order to keep the application preparation time as short as possible.

          Attorney Lutz Auffenberg, LL.M. (London)

          I.  https://fin-law.de

          E. info@fin-law.de

          subscribe to Newsletter

            Contact

            info@fin-law.de

            Dec 16, 2019

            Payment Services with Cryptocurrencies – Can an Authorization for Payment Services be Required?

            According to the basic idea of Satoshi Nakamoto, Bitcoin was meant to be an electronic peer-to-peer payment system that would function directly between the users without the necessity of payment processors such as banks. The massive increase in value since the mining of the first Bitcoin – to almost 20.000 euros per Bitcoin temporarily – as well as similar increases of the value of comparable cryptocurrencies led to the perception that Bitcoin and other cryptocurrencies are first and foremost a new type of asset for speculative investments. Nevertheless, there are now numerous service providers that offer their customers the opportunity to pay invoices with cryptocurrencies even though they are denominated in euros, USD or other legal currencies. These service providers require their customers to transfer the equivalent of the invoice amount to them in cryptocurrencies, then the service provider exchanges the transferred cryptocurrencies into the needed fiat currency and transfers the amount to the banking account of the invoicing party. If this business model would only use foreign exchange and legal tender, it would be subject to authorization according to the German Payment Services Act (ZAG). The acceptance of customer money and the transfer to the invoicing party would constitute a money remittance as defined in the ZAG which is a payment service and therefore subject to authorization from BaFin. But why is this service not regulated as a money remittance service if the invoice recipient pays with cryptocurrencies?

            PAYMENT SERVICES ONLY RELATE TO LEGAL TENDER AND E-MONEY

            The ZAG regulates the offering of payment services such as e.g. the money deposit and withdrawal at ATMs, the execution of transfer orders with and without credit granting, the issuing of payment cards and other payment instruments and of course money remittance services. These services all relate to payment processes that occur on basis of money in the sense of legal tender or e-money. Even though this restriction is not explicitly made in the ZAG, it can be derived from the fact that the ZAG is based on the second Payment Service Directive (PSD2). Article 4 nr. 25 of the PSD2 states that “funds” means banknotes and coins, scriptural money or electronic money as defined in the second European e-money directive. Cryptocurrencies such as Bitcoin, Litecoin, IOTA or Monero therefore do not constitute “funds” in the sense of the directive and can therefore not be the subject of payment services in the sense of the PSD2. The case would be different if at some point in the future e.g. blockchain-based central bank money as it is currently being considered by the Chinese and Russian central banks came into existence. E-money on a blockchain-bases could also qualify as “funds” in the sense of Article 4 nr.25 PSD2. These cryptocurrencies could then potentially be subject to payment services in the sense of the ZAG.

            IS THE SERVICE OF FORWARDING CRYPTOCURRENCIES WITHOUT CONVERSION SUBJECT TO AUTHORIZATION?

            The forwarding of cryptocurrencies from an invoice recipient to the invoicing party without the conversion to fiat currency, other crypto assets or other means of payment will only seldomly require the services of a money remittance service provider. The use of these services only makes economic sense, if the service provider would act as a fiduciary regarding the usage of the transferred cryptocurrencies. In these cases, the primary function of the money remittance service provider would not be the transmission of funds but rather the monitoring of the agreed upon payment conditions of the involved parties. If money transmission is just a by-product to the main service, BaFin in certain cases does not consider the forwarding to be subject to authorization.

            SO MONEY REMITTANCE SERVICES INCLUDING CONVERSION OF CRYPTOCURRENCIES TO FIAT ARE NOT SUBJECT TO AUTHORIZATION?

            Even though the receipt of customer cryptocurrencies in order to convert them to fiat currency and subsequently forward them via bank transfer to a payee does, as shown above, not constitute a money remittance service as defined in the ZAG, the exchange from cryptocurrency to fiat currency can constitute trading in financial instruments, if the cryptocurrency in question is to qualify as either a unit of account, a crypto asset or any other financial instrument in the sense of the German Banking Act (KWG) and therefore might be subject to authorization. Depending on the specific case and the way the cryptocurrencies are handled, the exchange might be considered either a financial commission business, investment brokerage or proprietary trading which are all subject to authorization.

            Attorney Lutz Auffenberg, LL.M. (London)

            I.  https://fin-law.de

            E. info@fin-law.de

            subscribe to Newsletter

              Contact

              info@fin-law.de

              Dec 08, 2019

              Crypto Custody Business and Grandfathering – Who Can actually Profit from the Transitional Rule?

              With the year 2020, the new financial service of crypto custody business will be introduced in Germany. Custodians of crypto assets from then on can offer their services only if they acquired a BaFin authorization beforehand. Since the German legislator took his time with the new law and the exact requirements for a successful authorization application have only recently become clear, a transitional arrangement for operators of crypto custody service providers will be in effect. This means that crypto custody service providers can continue offering their services without BaFin authorization if they comply with certain requirements and time limits. But what exactly are the requirements to trigger this so-called grandfathering rule?

              IMPORTANT: GRANDFATHERING REQUIRES EXISTING BUSINESS OPERATIONS

              The wording of the transitional regulation which will be incorporated on the 1st of January 2020 into the German Banking Act (KWG) states that businesses that will be subject to authorization because of the newly introduced financial service of crypto custody service business can continue their operations without BaFin authorization if they notify BaFin about their intention to apply for authorization in writing until the 31st of March 2020 and subsequently apply for authorization until the 30th of November 2020. Then, the authorization to conduct crypto custodian business is considered to be provisionally granted. Therefore, businesses intending to offer crypto custody services for the first time on or after the 1st of January 2020 cannot profit from this grandfathering regulation according to the wording of the law. These businesses will not become subject to authorization because of the introduction of the crypto custody service as a new financial service into the German Banking Act (KWG) but rather because of the start of their business. Businesses planning to profit from the grandfathering rule should therefore fulfil the requirements as a crypto custody service provider before the end of the year. This means that these businesses should try to offer the custody of crypto assets such as e.g. Bitcoin, Litecoin or ERC-20 tokens that do not classify as securities to the German market and (in a best-case scenario) start operations prior to the new year. Additionally, the scope of the offered service has to be conducted commercially or at least in a commercial extent. It would therefore not be sufficient to simply store some crypto assets of friends or family on a free-of-charge basis.

              BAFIN ASKS FOR INTENTION NOTIFICATION – NO EFFECT FOR GRANDFATHERING

              On the 4th of December 2019, BaFin publicly asked businesses intending to apply for authorization for the new crypto custody services to non-bindingly and informally report their intentions and a short summary of their business model to the authority. BaFin thereby intends to get a proper overview of the market and to gather information required in order to develop their supervisory standards for the application process and the ongoing supervision of crypto custodians. At the same time, BaFin states that this non-binding report of intention does not have any effect with regards to the above-mentioned grandfathering rule, since the legal basis for the acceptance of that rule will only become effective next year and any intention notification that is made prior therefore cannot have any effect. In its public statement BaFin ensures that the non-binding report of intention that it asked for is completely voluntary and will have no effect on a later application process. Businesses that comply with the BaFin request will however receive further information regarding the application process as soon as the authority substantiates its administrative practice regarding the crypto custody business. Such information certainly will not have a negative effect on the applications procedures of the companies.

              Attorney Lutz Auffenberg, LL.M. (London)

              I.  https://fin-law.de

              E. info@fin-law.de

              subscribe to Newsletter

                Contact

                info@fin-law.de

                Dec 02, 2019

                Let’s Build a Crypto Custodian (Part II) – How Much Regulatory Starting Capital Does a Crypto Custodian Require?

                As of the first of January 2020, crypto custodian services will be regulated as a new financial service in Germany. The safekeeping of cryptocurrencies and crypto tokens for customers on a commercial extent will at that point in time require a prior authorization by BaFin. The new financial service touches on a core issue of crypto-related business models which is the reason why numerous market participants already expressed interest in acquiring a BaFin license for the crypto custodian service business. The first mandatory step for a successful BaFin application for a crypto custody service provider license has to be a meticulous planning of the application and related to that a thorough examination of the regulatory requirements to fulfil. The first part of our multipart blog “Let’s Build a Crypto Custodian” covered the requirements that BaFin places on the managing directors of a crypto custody service provider. The second part addresses the question of how much starting capital must be shown to BaFin in order to successfully obtain a license to provide crypto custody services.

                MINIMUM STARTING CAPITAL DEPENDS ON THE PLANNED ACTIVITIES

                The German Banking Act (KWG) stipulates that German banks and financial service providers must have a certain minimal capital at their disposal at any point in time. If the starting capital drops below the statutory minimum, BaFin has to be notified immediately and, as a worst-case-scenario, might revoke the authorization of the company. The legal term “starting capital” is therefore somewhat misleading. The legal minimum amounts depend on the specific activity that the applying company plans to offer. Crypto custody service providers which solely offer custody services for crypto assets and no further banking or financial services and that do not plan to trade financial instruments for their own account require a starting capital of at least 125.000 euros according to the regulations. In the case that further banking services next to the crypto custody service like deposit or lending services are offered, the minimum starting capital increases to 5.000.000 euros. If the intention is to deal in financial instruments on own account beside the crypto custodian services the amount increases to a minimum of 730.000 euros. This might be the case if e.g. a crypto trading platform offers their customers by way of proprietary trading or financial brokerage the option to sell or acquire cryptocurrencies as well as the custody service.

                STARTING CAPITAL FOR THE CUSTODY OF SECURITY TOKENS IS PROBLEMATIC

                A special case must be made for companies intending to offer their clients custody services for security tokens that qualify as securities. As of the first of January 2020, security token will constitute crypto assets and so be suitable objects for crypto custodian services as the definition in the German Banking Act will state that crypto assets are digital representations of values that can be transferred, saved and traded and that are designed for investment purposes. If the tokens are designed as a security, the custody of these tokens would most probably also constitute a security depository business which would require a substantially higher starting capital. Insofar, the legal wording does not suggest a subsidiarity of the crypto custody service to the security depository service. Even though the explanatory memorandum to the governmental draft indicated the legislative will of such a subsidiarity, the actual wording of the finalized law does not contain it.

                HOW MUCH STARTING CAPITAL IS REQUIRED FOR THE OPERATION OF A DEPOSITORY BUSINESS?

                Interestingly, the German Banking Act (KWG) does not stipulate a minimum starting capital for providers of security depository services. The starting capital of 5.000.000 euros according to sec. 33 subsection 1d of the German Banking Act only applies to CRR regulated institutions and therefore only to banks that provide deposit and lending business in relation to money in the form of legal tender. Even though there is no legal regulation, there are many good arguments that the regulatory starting capital of 5.000.000 euros should also apply to security depository banks. From a regulatory point of view and in consideration of the risks associated, it does almost make no difference if the service provider safeguards values of their customers in the form of money or securities.

                Attorney Lutz Auffenberg, LL.M. (London)

                I.  https://fin-law.de

                E. info@fin-law.de

                subscribe to Newsletter

                  Contact

                  info@fin-law.de

                  Nov 25, 2019

                  Starting Capital and Equity for Blockchain Startups – How Much must be shown to BaFin?

                  Operating a business model in Germany that is based on or related to cryptocurrencies requires a BaFin authorization in most cases. BaFin qualifies Bitcoin and comparable cryptocurrencies as units of account already since 2011 and as of 2020 crypto assets will be legally classified as financial instruments in the German Banking Act (KWG). Moreover, BaFin also clarified that crypto tokens can, in certain cases, be financial instruments in the form of securities, asset investments or shares in investment funds. Therefore, blockchain startups can be subject to the German Banking Act (KWG). They therefore must be BaFin authorized prior to the start of their commercial activities. The road to authorization can be long and hard and requires meticulous and thorough planning. Not only professionally competent and reliable managing directors and a sustainable business plan but also sufficient funding that is risk appropriate and that ensures operations at least in the starting phase of the business must be shown to BaFin in order to successfully apply for authorization. But are the requirements for crypto service providers the same as for traditional financial service providers?

                  WHAT IS THE MINIMUM STARTING CAPITAL THAT CRYPTO FINANCIAL SERVICE PROVIDERS MUST SHOW TO BAFIN?

                  The question of how much capital a blockchain startup must have available prior to and during operations in order to successfully apply for and maintain a BaFin authorization cannot be answered differently as for any traditional financial service providers. The amount depends on the specific kind of financial service or banking activity that the applicant intends to offer. As a rule of thumb, it can be said that businesses offering services which neither grant the service provider a right of disposition regarding customer monies or securities nor of dealing with financial instruments for own account must have available at least 50.000 Euros at any time. If the applicant shall have the right of disposition regarding customer monies and securities but does not trade financial instruments for own account, the minimum is 125.000 euros. If the company shall trade financial instruments for own account, the minimum is 730.000 euros. In this context it is important to emphasize that cryptocurrencies such as Bitcoin, Litecoin, Dash or Iota are, according to German supervisory law, considered neither as money in a legal sense nor as securities. Therefore, crypto financial service providers do not need to show more than 50.000 euros of starting capital just because they offer safekeeping services for their customer’s cryptocurrencies on own accounts on behalf of the customers. This will be especially important as of 2020 for the newly regulated crypto custody service providers. All of this does of course not apply to the safekeeping of security tokens for customers in case those qualify as securities under MiFID II and must be treated as such.

                  DO CRYPTO FINANCIAL SERVICE PROVIDERS HAVE TO PROVE APPROPRIATE FUNDS ACCORDING TO CRR?

                  The European Capital Requirements Regulation (CRR) obliges businesses falling under its provisions to have a certain equity ratio at any time on basis of extensive and complicated rules. CRR-regulated institutions are therefore obligated to constantly evaluate their equity and risk positions. They also have to maintain a sufficient equity ratio at any point in time. Luckily, CRR regulations are seldomly applicable to crypto financial service providers. Only credit institutions and investment firms are subject to the corresponding directive. Credit institutions in the required sense are businesses that take in deposits or other repayable customer funds and give out loans for their own account – activities that – according to the directive – can only be conducted with money and not with cryptocurrencies. Investment firms in the sense of the CRR are exclusively companies being regulated by the Markets in Financial Instruments Directive (MiFID II) and cryptocurrencies are not defined as financial instruments by this directive. Therefore, crypto financial service providers can only be subject to the CRR if they conduct activities that are related to security tokens, because these have to be qualified as financial instruments with regards to MiFID II.

                  Attorney Lutz Auffenberg, LL.M. (London)

                  I.  https://fin-law.de

                  E. info@fin-law.de

                  subscribe to Newsletter

                    Contact

                    info@fin-law.de

                    Nov 18, 2019

                    Let´s Build a Crypto Custody (Part I) – What Qualification is Required by the Management?

                    After a lengthy back and forth, the German legislator last week finally decided on how to conduct the transposition of the provisions of the 5th European AML Directive into national law. The German Parliament accepted the recommended resolution of the 7th financial committee after the original draft of the federal government was heavily criticized by experts and market participants alike. Especially the so-called ring-fencing, which would have led to the situation that crypto custody service providers could not provide any other banking or financial services to their customers, was subject to heavy criticism. To the relief of the whole industry, the ring-fencing idea was abandoned. This hard to justify separation would not have been a suitable instrument to achieve the declared intention of the German federal government to develop Germany into a global blockchain hotspot. Moreover, the period in which crypto custody service providers that commercially store crypto assets for their clients and which have not been authorized by BaFin yet can continue to provide their services until the 30th of November 2020 if they apply for authorization until this date and inform BaFin until the 31st of March 2020 about the intended application. But what are the requirements that crypto custody service providers have to fulfil in 2020 to successfully apply for BaFin authorization?

                    WHAT ARE THE REQUIREMENTS REGARDING THE PROFESSIONAL COMPETENCE OF THE MANAGING DIRECTOR?

                    Crypto custody service providers, just as any other financial services institution, have to fulfil specific legal requirements to successfully apply for BaFin authorization. That of course means that the company has to be managed by fit and proper directors, that have enough time at their disposal to sufficiently take care of the business. The professional competence (the fit part of fit and proper) of a person is, according to the German Banking Act (KWG), legally assumed if the person has worked for at least three years in a managing position of a supervised financial services institution and if he or she was responsible for the kind of financial services that the applying company wants to offer. Otherwise, the professional competence of a managing director has to be proven explicitly to BaFin in the application. This is done by meticulously proving his or her theoretical and practical abilities by e.g. submitting a monthly-detailed curriculum vitae, training and working certificates or other suitable documents like specialist publications or lecturing activities. Since the crypto custody service is about to be newly introduced as a financial service nobody will fulfil the legal assumption because nobody has three years of working experience in that field of work. Applications for the authorization of crypto custody services will therefore always rely on the individual verification of the managing directors. At the same time, BaFin will have to take into consideration that crypto custody services are a new form of financial service providers and therefore, that the not only -temporal management of a bank or other financial service provider and a proven understanding of the technical basics of crypto assets will most likely qualify a person to be the managing director of a crypto custody service provider.

                    WHEN IS THE DIRECTOR OF A CRYPTO CUSTODIAN CONSIDERED TO BE RELIABLE AND SUFFICIENTLY AVAILABLE FOR THE COMPANY?

                    With regards to the reliability and temporal availability of managing directors of crypto custody service providers there are no specific peculiarities compared with the managing directors of any other institution being subject to BaFin authorization in accordance to the German Banking Act (KWG). The reliability of a managing director has to be proven in the application. The criminal record of the candidate and e.g. an excerpt of the central trade registry next to details of the candidate’s economic situation and bankruptcy procedures (if any) are used to prove a candidate’s reliability. The temporal availability depends on how much time the proper conduction of the business probably takes. It is possible that the managing director of a crypto custody service provider holds other managing, supervisory or administrative positions next to the managing position. It is necessary to display and globally justify the required and available time of the proposed managing director vis-à-vis BaFin.

                    HOW MANY MANAGING DIRECTORS DO CRYPTO CUSTODY SERVICE PROVIDERS NEED?

                    In general, financial service providers only need one professionally competent and reliable managing director who has sufficient time at his disposal to manage the service provider. Two managing directors are necessary if the service provider is authorized to acquire ownership or possession of customer’s monies or securities. The obvious reason for this regulation is to ensure the dual control principal for fiduciary and custody service providers. The crypto custody service providers will only store crypto assets. If these crypto assets are merely cryptocurrencies such as Bitcoin, Litecoin, Ripple or IOTA the still applicable administrative practice of Bafin defines them as units of account. They are therefore financial instruments but neither money nor securities in a legal sense. Therefore, one managing director would in this case be sufficient to propose in the BaFin application. The legal handling of the custody of security tokens on the other hand is not yet entirely clarified at this point. It would make sense to subsume the custody of security token under the deposit business and not under the crypto custody service, but the passed legislation does not mandate this explicitly. If it would be handled as stated above, security tokens could not be stored with crypto custody service providers but only with depository banks which regularly must have two managing directors.

                    Attorney Lutz Auffenberg, LL.M. (London)

                    I.  https://fin-law.de

                    E. info@fin-law.de

                    subscribe to Newsletter

                      Contact

                      info@fin-law.de

                      Nov 11, 2019

                      Lending Cryptocurrencies – Is that a Lending Business and Therefore Subject to Authorization?

                      Companies that commercially grant customers loans generally need, if they are subject to German banking supervisory law, a BaFin authorization for the lending business. According to the applicable legal provisions, this banking activity is reserved for companies with a full banking license. According to the legal definition of the German Banking Act (KWG), acceptance credits and money loans are considered lending business. BaFin generally places low demands on the definition. According to its administrative practice concerning the temporary granting of money it is irrelevant if interest or collaterals are contractually agreed upon or if the lender finances the business via burrowed funds. Relevant however is that the loan is a money loan which is given by the provider at the start and returned to him at the end of the duration in money. A provider that e.g. grants his customers money for a duration of five years and receives, as contractually agreed upon, a certain amount of preset securities at the end does not conduct a lending business in the sense of the German Banking Act (KWG). The loan has to be repayable in a way that the nominal value and the repayment claim are both denominated in money.

                      PROVIDERS OF CRYPTO LOANS STILL NEED A BAFIN LICENSE
                      According to BaFin’s administrative practice the temporary granting of cryptocurrencies is not a lending business that would be subject to authorization. With this reason for authorization being inapplicable, the providers of crypto loans are still subject to authorization by BaFin according to the German Banking Act (KWG) if the cryptocurrencies in question are deemed units of account and therefore financial instruments and the providers operate in or from Germany. The loaning of e.g. Bitcoins, Litecoins, Ether or Monero, which are all financial instruments according to BaFin, can be, under certain circumstances, considered proprietary trading if the provider conducts the business commercially or not merely occasionally. The decisive point is that the borrower of a crypto loan obtains the full power of disposition over the received units with the transfer of the units onto his own blockchain wallet to which he holds the private key. At the end of the crypto loans duration the borrower has to transfer the received number of crypto units back to the lender. He therefore bears the full market price risk during the duration of the loan. Overall this might amount to a classic derivative forward transaction. The crypto loan might be a derivative forward transaction and therefore a financial instrument according to the German Banking act (KWG).

                      ARE CRYPTO LOAN PROVIDERS REGULATED BY THE GERMAN BANKING ACT (KWG) AS PROPRIETARY TRADERS?
                      Proprietary trading that is subject to authorization in accordance to the German Banking Act (KWG) can occur in four different variations. It is conducted in particular if the provider continuously offers to buy and sell financial instruments, which he has acquired on his own account with his own means at his own prices. In all four variations it is necessary that the proprietary trader trades financial instruments on his own account.

                      Attorney Lutz Auffenberg, LL.M. (London)

                      I. https://fin-law.de

                      E. info@fin-law.de

                      subscribe to Newsletter

                        Contact

                        info@fin-law.de

                        Nov 04, 2019

                        Passporting an STO Prospectus – How Can an STO Prospectus be Used for EEA-wide Offerings?

                        Numerous capital markets authorities throughout Europe approved security token offerings by now and thereby allowed the public offering of blockchain-based securities. Even in Germany, where the securities law still heavily relies on documents in paper form, a number of securities prospectuses regarding blockchain-based securities have been approved by BaFin. At the same time, the German legislator announced the introduction of digital debenture bonds as part of its blockchain strategy and promised to publish a draft legislation by the end of the year. Blockchain technology is gaining ground in the area of public offerings of securities and has yet developed into a serious alternative to traditional, paper document-based securities emissions. STOs offer emitters numerous ways to reduce the costs of the emitting process e.g. by making security depositories for collective certificates unnecessary or by enabling automation for countless processes during the emission which can make the services of paying agents expendable. Is a security token offering suited for emitters that want to offer their product to investors in more than one EEA member state?

                        FULL-FLEDGED SECURITY PROSPECTUS FOR TOKENS QUALIFYING AS SECURITIES

                        If a security token meets all the requirements for a security in the sense of the EU Prospectus Directive according to the supervisory authority that would be responsible for the approval of the prospectus, the emitter, in order to publicly offer the token, must have approved a security prospectus for that token by the competent authority, get it published and deposited with the approving authority. Before that, the security tokens may not be offered publicly. Just as with traditional, paper-based securities, STO emitters must create and compile a comprehensive security prospectus for their product. This security prospectus, if approved by the competent authority, is a full-fledged security prospectus in the sense of the EU Prospectus Directive that triggers the same rights and obligations as a prospectus for traditional securities would do. STO prospectuses can therefore be passported within the EEA because they are subject to the same passporting regulations as traditional security prospectuses are. As a consequence, STO emitters can use an approved STO prospectus for a public offering in other EEA member states, too, as long as they apply for notification for the target member states with the competent authority.

                        HOW EXACTLY DOES THE NOTIFICATION PROCEDURE FOR STO PROSPECTUSES WORK?

                        An STO emitter wanting to use his approved security prospectus in other EEA member states for the public offering of his security token can simply apply for notification with the competent authority that approved the prospectus. The competent approval authority will then inform the competent authority in the target member state and ESMA within a working day that the STO emitter created an EU Prospectus Directive compliant securities prospectus that has been approved. Furthermore, a copy of the prospectus will be sent to the competent authority in the target member state. The competent authority of the target member state is bound by the assessment of the competent approval authority. If e.g. BaFin approves a security prospectus for a security token offering and the emitter also wants to offer his token to Austrian investors, the Austrian FMA has no way to prohibit the public offering of the tokens in Austria if the emitter prior to the offering notified BaFin of offering the security tokens in Austria as well. Of course, the FMA could also not request from the emitter to draw up and have approved another security prospectus for the offering of the tokens to Austrian investors with the FMA. As to the prospectus language, all European capital markets authorities must accept prospectuses in a language that is commonly used in the sphere of international finance. Therefore, English is the sensible choice for prospectuses for European STOs.

                        Attorney Lutz Auffenberg, LL.M. (London)

                        I.  https://fin-law.de

                        E. info@fin-law.de

                        subscribe to Newsletter

                          Contact

                          info@fin-law.de

                          to top