Sep 02, 2024

Getting Ready for DORA (Part III) – How Do You Test the Digital Operational Resilience?

With the Digital Operational Resilience Act (DORA), the European Union has introduced a far-reaching regulation that aims to harmonize and strengthen digital resilience in the financial sector across Europe. From 17 January 2025, affected companies must comply with the obligations set out in DORA. The European legislator wants to take account of the ongoing digitalization and increasing networking, which have significantly increased the use of information and communication technologies (ICT) in the financial sector. DORA aims to counteract the risks posed by cyber threats and operational disruptions. Financial companies and specialized ICT service providers are obliged to take comprehensive measures to strengthen their digital resilience. The affected players include banks, investment firms, payment institutions, cryptocurrency providers and issuers of value-referenced tokens. These companies must thoroughly review their internal processes and procedures and adapt them to the new regulatory requirements before the regulation comes into force. This includes the introduction of robust security precautions, regular risk analyses and the creation of emergency plans in order to be able to react appropriately to cyber-attacks or IT disruptions in the event of an emergency. The implementation of DORA represents a challenge for many companies, as it may require significant adjustments and investments in IT infrastructure and risk management. At the same time, the regulation offers the opportunity to sustainably improve the resilience and security of the entire financial sector. What tests should information and communication technology be subjected to? What do the affected companies need to be prepared for in the future?

Testing ICT Tools and Systems

The fourth chapter of DORA deals with the requirements for testing digital operational resilience. In principle, taking into account the principle of proportionality, a robust and comprehensive digital operational resilience testing program is required to assess preparedness for handling ICT-related incidents, identify weaknesses, deficiencies and gaps in digital operational resilience and implement corrective actions promptly. This is an essential part of the ICT risk management framework to be established by the organizations concerned. The content of the tests can vary in terms of type and scope. When making the selection, the size and overall risk of the financial company as well as the type, scope and complexity of the financial service must be weighed up, taking proportionality into account. Appropriate tests can therefore include vulnerability assessments and scans, open source analyses, network security assessments, gap analyses, physical security checks, questionnaires and scans of software solutions, source code checks (where feasible), scenario-based tests, compatibility tests, performance tests, end-to-end tests and penetration tests. In principle, the tests for all ICT systems and applications that support critical or important functions must be carried out at least once a year. For micro-enterprises, DORA provides for some simplifications in terms of both the frequency of the tests and their implementation, which are strongly characterized by the principle of proportionality.

Advanced Testing of ICT Tools, Systems and Processes Based on TLPT

Even if the above-mentioned tests required by DORA are already very extensive, DORA provides for even more extensive tests for certain companies. This so-called Threat-Led Penetration Testing (TLPT) must be carried out every three years. TLPT is defined by DORA as a framework that replicates the tactics, techniques and procedures of real attackers who are considered a real cyber threat and provides a controlled, tailored, intelligence-led (red team) test of the financial firm’s critical live production systems. The exact details will be specified by the ESAs in agreement with the ECB and in line with the TIBER-EU framework in the form of regulatory technical standards. As a rule, TLPT will only be relevant for financial undertakings supervised by BaFin that have been identified and informed by BaFin in accordance with the requirements of DORA. The criteria for identifying affected entities are: proportionality; impact-related factors, in particular the extent to which the services provided and activities carried out by the financial undertaking have an impact on the financial sector; any financial stability concerns, including the systemic nature of the financial undertaking at Union or national level, as appropriate; and the specific ICT risk profile, ICT maturity of the financial undertaking or relevant technological characteristics. The application of these selection criteria shall also be specified by the ESAs, in agreement with the ECB, in the form of regulatory technical standards in accordance with the TIBER-EU framework.

FIN LAW

I.  https://fin-law.de

E. info@fin-law.de

The lawyer responsible for questions relating to DORA and IT law at our law firm is Attorney Lutz Auffenberg LL.M. (London).

    Aug 26, 2024

    Getting Ready for DORA (Part II) – Locational Advantage for Germany?

    The European Union has adopted the Digital Operational Resilience Act (DORA) to standardize and strengthen digital resilience in the financial sector. From 17 January 2025, affected companies must comply with this regulation. The reason for this measure is the increasing digitalization and networking, which has resulted in the widespread use of information and communication technologies (ICT), including in the financial sector. DORA aims to effectively counter risks from cyber threats and operational disruptions. The regulation obliges financial companies and certain ICT service providers to take comprehensive measures to strengthen their digital resilience. Numerous players in the financial sector are affected, including credit institutions, investment firms, payment institutions, crypto service providers and issuers of value-referenced tokens. These companies must thoroughly review their internal processes and procedures and adapt them to the new legal requirements. This includes implementing robust security measures, conducting regular risk analyses and developing contingency plans in order to be able to react quickly and effectively in the event of cyber-attacks or IT disruptions. The introduction of DORA represents a challenge for many companies, as it requires significant adjustments and investments in IT infrastructure and risk management. Nevertheless, the regulation also offers opportunities, as it improves the resilience and security of the entire financial sector. What requirements are already being placed on the companies affected and will this even result in advantages for these companies in Germany?

    Which Requirements Already Apply and How Do They Differ from DORA?

    DORA has its sights set on the European and therefore also the German financial sector, with the aim of harmonizing the handling of ICT risks across Europe. Financial companies are to be put in a position to deal with ICT risks appropriately. The German financial supervisory authority BaFin has not been idle in the past and is already keeping an eye on ICT risks, while imposing far-reaching requirements on the German financial sector. These apply, for example, to the IT of banks, insurers, capital management companies and payment service providers. To this end, BaFin has issued a series of circulars that regulate the IT requirements for the aforementioned financial players. The circulars published under the more or less catchy names BAIT, VAIT, KAIT and ZAIT – to name just a few examples – impose comprehensive requirements on the financial players concerned with regard to the governance and organization of IT, information risk and information security management and the stability of IT operations. Some of these requirements are also reflected in DORA. Part of the information security management required by the circulars is that the management must establish the function of the Information Security Officer (Informationssicherheitsbeauftragter, ISB). The function of the ISB includes responsibility for all information security matters within the institution and vis-à-vis third parties. DORA does not recognize the function of the ISB. However, the function and independent position of the ISB is similar to the introduction of an ICT risk control function required by DORA, which is to be responsible for the management and monitoring of ICT risk. However, the different areas of responsibility make it clear that DORA places a stronger focus on the monitoring and management of ICT risk compared to the circulars. This is just one example of how BAIT, VAIT, KAIT and ZAIT in many respects already cover the basic requirements for the ICT risk management framework and the key principles for sound management of ICT third-party risk under DORA. A financial company that already meets the requirements of BAIT, VAIT, KAIT or ZAIT will therefore have a good starting position for the implementation of DORA. This could be the locational advantage for such financial companies.

    Is There Still a Need for Action?

    However, the comparison between the ISB and the ICT control function makes it clear that the purposes of DORA differ from or go beyond those of the BaFin circulars. DORA is intended to strengthen the digital operational resilience of the financial sector. In order to achieve this goal, DORA goes beyond the requirements of BAIT, VAIT, KAIT and ZAIT in many areas. It is therefore not enough to rest on existing strategies, processes, functions, etc. BaFin is also aware of this and has already announced that it will repeal the BAIT, VAIT, KAIT and ZAIT circulars. For the financial institutions concerned, this means that an adjustment to the requirements of DORA is unavoidable and should be implemented before DORA comes into force. BaFin has already published implementation information on this topic to facilitate the transition from the circulars to DORA.

      Aug 05, 2024

      Asset Investment Under MiCAR – Is a Securities Prospectus or Crypto Whitepaper Needed for the Public Offering?

      Investment products can be offered by companies seeking capital in many different legal forms. In addition to the most common form of transferable securities within the meaning of MiFID2 regulation, such as shares and debt instruments, issuers can also issue investment products as shares in investment funds or, on the basis of national regulation, as asset investments. Through the Asset Investment Act, the German legislator originally intended in particular to regulate the so-called gray capital market, on which investment products were offered that did not qualify as securities and were therefore not subject to the prospectus requirements for securities issuances. Such products include uncertificated profit participation rights, subordinated loans, profit-participating loans or participations as a silent partner. They generally lack the inherent tradability of securities on the capital markets, which distinguishes them from securities. Nevertheless, the German Investment Act obliges issuers and providers of investments in Germany to prepare and publish sales prospectuses prior to the first public offering, which must be approved by BaFin. For investments offered in the form of crypto tokens, BaFin is of the opinion that the increase in tradability achieved through tokenization means that tokenized investments are to be classified as securities of their own kind for regulatory purposes and are therefore subject to the EU Prospectus Regulation and the German Securities Prospectus Act rather than the German Asset Investment Act with regard to prospectus obligations.

      Either Crypto Whitepaper According to MiCAR or Securities Prospectus According to EU Prospectus Regulation?

      MiCAR clearly stipulates that tokenized investment products, which constitute financial instruments within the meaning of MiFID2, do not fall within the scope of MiCAR. In this respect, the legislator has ensured a clear competitive relationship between MiFID2 and MiCAR. The first public offering of a tokenized stock therefore obliges its issuer to prepare and publish a securities prospectus to be approved by BaFin in accordance with the EU Prospectus Regulation or the German Securities Prospectus Act. In contrast, the preparation of a crypto whitepaper is not required, as the share as such is already a financial instrument pursuant to MiFID2 and therefore cannot also be a crypto asset pursuant to MiCAR. However, this clear either-or logic does not apply to tokenized investments under the German Asset Investment Act. This is because asset investments do not constitute financial instruments within the meaning of MiFID2, but are a purely nationally regulated type of investment product. In this context, the exemption for financial instruments under MiFID2 cannot be applied to asset investments. BaFin’s administrative practice of applying the EU Prospectus Regulation to initial public offerings of tokenized investments does not help either, as securities of their own kind are not included in the MiFID2 catalog of financial instruments.

      Public Offer of Securities of its Own Kind in Accordance with BaFin’s Administrative Practice Requires Securities Prospectus and Crypto Whitepaper

      For tokenized asset investments, therefore, both a securities prospectus and a crypto whitepaper must be prepared and published prior to their public offering in the EU. While the securities prospectus must be approved by BaFin and subsequently published, the crypto whitepaper only needs to be published. Approval or authorization by BaFin is not required. The crypto whitepaper and securities prospectus also differ in terms of content and presentation, which is why issuers and providers of tokenized asset investments will have to pay close attention to ensuring that the information provided in the two documents is congruent. Of course, issuers of tokenized asset investments will check whether an exemption from the prospectus obligation or crypto whitepaper obligation may apply to their issuance in order to only have to prepare one document. As a rule, however, both documents will have to be prepared. Issuers should therefore check on a case-by-case basis whether their investment product can also be designed in such a way that it qualifies as a financial instrument under MiFID2. In most cases, only a securities prospectus would then have to be prepared and the obligation to publish a crypto whitepaper would not apply.

      Attorney Lutz Auffenberg, LL.M. (London)

      I.  https://fin-law.de

      E. info@fin-law.de

      The competent lawyer for advice on the legal classification of tokens according to MiCAR in our law firm is Attorney Lutz Auffenberg, LL.M. (London).

        Jul 15, 2024

        Getting Ready for DORA (Part I) – High Impact on Small Companies in the Financial Sector?

        Under the name Digital Operational Resilience Act (DORA), the EU has issued a new regulation to standardize and strengthen the digital operational resilience of the financial sector across the Union. DORA, which was adopted in December 2022, comes into force on 17 January 2025 and must be complied with by the obligated companies from this date. The regulation finds its raison d’être in the now widespread use of information and communication technologies (ICT) in the financial sector as a result of increasing digitalization and networking. DORA is intended to counteract the resulting risks of cyber threats and disruptions. The regulation obliges financial companies and certain ICT service providers to take comprehensive measures to achieve this goal. The term “financial company” covers almost all traditional players in the financial sector, such as credit institutions, investment firms, payment institutions and financial service providers, but also crypto service providers (CASPs) and issuers of asset-referenced tokens. Companies affected are faced with a range of additional legal requirements. As a result, internal processes and procedures must be reviewed and, if necessary, adapted to DORA. As the requirements of DORA are far-reaching, this could represent a considerable burden, especially for smaller companies. It is therefore of particular importance whether DORA provides for exemptions for such companies. So is there any relief for smaller companies?

        Same Rules for All? Application to Smaller Companies

        One of the guiding principles of DORA is the principle of proportionality. This means that the individual obligations can affect a financial company differently in individual cases depending on its size, overall risk profile, type, scope and complexity of services, activities and transactions. Basically, the requirements increase in proportion to the risk. Accordingly, DORA divides financial companies into micro, small and medium-sized enterprises and all financial companies above them. A microenterprise exists – with some exceptions, such as for trading venues, central counterparties or trade repositories – if the company employs fewer than ten people and its annual turnover or annual balance sheet total does not exceed EUR 2 million. A small enterprise is a financial company that employs between 10 and 50 people and whose annual turnover or annual balance sheet total exceeds EUR 2 million but is only up to EUR 10 million. A medium-sized enterprise employs fewer than 250 people, has an annual turnover of up to EUR 50 million and an annual balance sheet total of up to EUR 24 million. This classification into one of the size categories alone can result in a number of exemptions and simplifications from the requirements of DORA for the corresponding financial companies.

        Which Specific Exceptions Could Be Considered?

        DORA requires financial companies to implement appropriate ICT risk management. This includes a robust, comprehensive and well-documented ICT risk management framework that enables risks to be quickly identified and remediated. At a minimum, such a framework must include policies, guidelines, procedures, ICT protocols and tools necessary to properly protect all information and ICT assets, including software, hardware and servers. It must also protect all relevant physical components and infrastructure, such as premises, data centers and designated sensitive areas. To manage and monitor ICT risk, financial firms must also establish an independent control function and review and document the ICT risk framework on an annual and ad hoc basis. Micro-enterprises are exempt from this and can dispense with a separate control function. Furthermore, they only have to review and document the ICT risk framework regularly and on an ad hoc basis. This is just one of many exceptions that are in line with the proportionality principle of DORA. It should be examined on a case-by-case basis whether statutory exemptions are applicable. Even without a specific statutory exemption, the extent of the measures that a financial company must undertake can vary considerably depending on the risk profile. Overall, DORA is an extremely complex set of regulations that forces companies in the financial sector to further professionalize their business organization with regard to ICT risks.

          Jun 17, 2024

          WIB or BIB – When Must Which Documentation Be Provided?

          The issue of financial products is regularly accompanied by the obligation of the issuer or provider to fulfill corresponding documentation and prospectus obligations. This is certainly the case if the financial product is to be offered to the public. As a rule, a sales prospectus and/or an investment information sheet (“VIB”) must be prepared for investments in accordance with the German Investment Act. The same applies to certain forms of investment assets under the German Capital Investment Code. The MiCAR Regulation will determine what type of crypto asset whitepaper must be prepared for the various types of crypto assets in the future. In the case of securities, which include many tokenized products as sui generis securities, the interaction of the European Prospectus Regulation (EU) 2017/1129 (“Prospectus Regulation”) and the German Securities Prospectus Act (“WpPG”) regulates the prospectus and documentation obligations of providers and issuers. In this respect, the German legislator has made use of an option in the Prospectus Regulation and stipulated that no securities prospectuses need to be published in Germany for public offers of securities with a total consideration of no more than EUR 8 million in the European Economic Area, calculated over a period of twelve months. Instead, a securities information sheet (“WIB”) can be prepared, filed with BaFin and published. But when is this also not the case and what obligations do issuers and providers have instead and can this even have advantages?

          When Must a BIB Be Published Instead of a WIB?

          However, there is no obligation to publish a WIB if a key information document (“KID”) already has to be published for the security in question in accordance with Regulation (EU) No. 1286/2014 (Packaged Retail and Insurance-based Investment Products (PRIIPs): “PRIIPs Regulation”). For its part, the PRIIPs Regulation stipulates that a key information document must be prepared and published by manufacturers of packaged retail investment products. The issuer or provider must therefore at least also address retail investors with the product in question. Furthermore, the security must be a packaged product within the meaning of the PRIIPs Regulation. It can be difficult to determine when this is the case in individual cases. In principle, however, the PRIIPs Regulation stipulates that investment products are considered to be packaged if the amount to be repaid is subject to fluctuations due to the dependence on reference values or the performance of one or more assets that are not acquired directly by investors. BaFin specifies here that the amount to be repaid must be understood to include both the interest and the repayment of the product. In accordance with the European Securities and Markets Authority (“ESMA”), BaFin also states that the type of reference value is important. For example, the dependence of the amount to be repaid on internal benchmarks or interest rate indices such as Euribor does not lead to the existence of a packaged product in the sense required here, but the dependence on external benchmarks does.

          What are the Differences Between the Different Information Sheets?

          In principle, a WIB can therefore be prepared, filed with BaFin and published in Germany for public offers of securities of up to EUR 8 million. The WIB has a maximum length of 3 A4 pages, or 4 A4 pages for digital and non-securitized securities. Publication must be approved by BaFin, whereby BaFin only checks the completeness of all information, notes and attachments, but not their accuracy. In comparison, the BIB, which comprises a maximum of 3 A4 pages, does not require any filing or approval by BaFin. It only needs to be prepared and published on the website of the PRIIP manufacturer, usually the issuer. In this respect, the time-consuming and costly approval and filing process with BaFin can be avoided if the terms and conditions of the securities are carefully drafted by an experienced lawyer in securities prospectus law, provided that the design of a PRIIP for which a BIB would have to be prepared is desired.

          Attorney Dr. Konrad Uhink

          I.  https://fin-law.de

          E. info@fin-law.de

          The lawyer responsible for the creation of WIBs and BIBs as well as for the documentation of capital markets issuances in our law firm is attorney Dr. Konrad Uhink.

            Jun 10, 2024

            MiCAR vs MiFID II – Which Tokens Are Considered Crypto Assets and Which Are Financial Instruments?

            With the Markets in Crypto Assets Regulation (MiCAR), the European Union created an independent set of rules for the commercial handling of crypto assets that is directly applicable in all EU member states. The text of the regulation is already very extensive and detailed. Nevertheless, it is necessary in many places to ensure a uniform interpretation by the authorities in the member states. For this reason, the European Securities and Markets Authority (ESMA) is obliged in many provisions of MiCAR to draw up explanatory notes, consult with market participants and publish them. ESMA also has such an obligation in relation to the exemption clause which sets out the alternative relationship between MiCAR and MiFID2. The exemption stipulates that the provisions of MiCAR should not apply to a crypto asset that meets the requirements for a financial instrument within the meaning of MiFID2 regulation. In this respect, it is problematic that the member states developed and applied very different administrative practices in their interpretation of what constitutes a financial instrument under MiFID2 in the period prior to the adoption of MiCAR. The fundamental question of whether MiCAR or MiFID2 regulation should apply to a token in the future therefore requires a uniform interpretation, which is to be made possible by the guidelines to be drawn up by ESMA.

            Technology-Neutral Approach and “Substance over Form” Principle for Determining the Relevant Regulatory Regime

            ESMA had already published a draft of the guidelines to be drawn up in this regard in January 2024. ESMA had given market participants the opportunity to comment on its draft by the end of April. The final guidelines must be published by ESMA by December 30, 2024, i.e. by the date of full applicability of MiCAR. For the interpretation, ESMA first clarifies in its draft consultation that the question of the classification of a token as a financial instrument should in any case be technology-neutral. The method of tokenization and the technical design are therefore of secondary importance. Instead, the characteristics, design and rights associated with the token should be decisive. This “substance over form” approach, which is also reflected in recital 14 of MiCAR, makes it clear in ESMA’s view that the determination of the legal nature of a token as a MiCAR or MiFID2 product must not be based on the technical shell of the product. However, the technical design will still be relevant for legal applications. This is because it will still be relevant when assessing whether a product constitutes a crypto asset within the meaning of MiCAR. Only then can it be examined in the second step whether this crypto asset constitutes a MiFID2 product in terms of its substance.

            When May Tokens Be Classified as Transferable Securities under MiFID2?

            Financial instruments within the meaning of MiFID2 regulation are, in particular, transferable securities. The term primarily refers to bonds, shares and other securities, for example for embedding derivatives. To define a transferable security, MiFID2 itself sets out three criteria that a product must meet in order to be classified as a transferable security. Firstly, the product must be part of a “category”. This means that the product must be part of an overall issue, which ultimately establishes its exchangeability and thus also its tradability on the capital market. The latter is the second prerequisite for the existence of a transferable security. ESMA understands this to mean not only traditional stock exchanges and regulated markets, but also all trading venues on which corresponding products can be traded, just as BaFin does in Germany. Finally, according to the definition contained in MiFID2, the product must not be a payment instrument. If these requirements are met, tokens are to be classified as transferable securities according to ESMA and are therefore subject to MiFID2 regulation. The provisions of MiCAR are thus not applicable to such tokens, even though they also meet the definition of a crypto asset under MiCAR.

            Attorney Lutz Auffenberg, LL.M. (London)

            I.  https://fin-law.de

            E. info@fin-law.de

            The competent lawyer for advice on the legal design and classification of tokens in our law firm is Attorney Lutz Auffenberg, LL.M. (London).

              Jun 03, 2024

              Crowdfunding – Which Options Exist?

              The phenomenon of crowdfunding has become an indispensable way of raising capital on the financial markets. Crowdfunding is enjoying unbroken popularity, particularly in the area of financing real estate projects. Put simply, this involves a large group of people raising money, often small amounts, for projects or companies via an internet platform. It is not only the actual fundraising that is of interest to companies seeking financing through crowdfunding, but also the media attention that individual projects that are implemented with the help of crowdfunding repeatedly attract. In Germany, crowdfunding is regulated at national level in the German Investment Act (VermAnlG). At the European level, this has been regulated by the European Crowdfunding Service Provider Regulation (ECSPR) (EU) 2020/1503 since 10th of November 2021. But when is which regulatory regime applicable and which products may be distributed and how?

              In Principle the ECSPR Takes Precedence Over the VermAnlG

              Within the VermAnlG, the German legislator has established the priority of the ECSPR for offers that do not exceed an equivalent value of EUR 5,000,000, calculated over 12 months. The ECSPR therefore always takes precedence when an offer of products covered by the Regulation is made via a crowdfunding platform authorized under the ECSPR. These products include, in particular, financial products that are predominantly not classified as asset investments. In particular, these are securities and non-subordinated loans. Subordinated loans in particular, which are popular in Germany, lack the unconditionality of the repayment claim required by the ECSPR and are therefore not suitable products for distribution under the ECSPR. This is certainly not the case for loans with a qualified subordination. These subordinated loans therefore continue to fall under the scope of application of the VermAnlG if they are to be issued by way of crowdfunding in Germany and therefore also benefit from the simplifications that the VermAnlG provides for such issues.

              What Documentation Requirements Must Be Met for the Issuance of a Crowdfunding Product?

              In terms of content, the ECSPR obliges the crowdfunding service provider, i.e. the operator of the internet platform through which the issue is carried out, to offer the regulated crowdfunding services only on the basis of an authorization in accordance with the ECSPR and stipulates that they are subject to ongoing supervision by BaFin. In contrast to the national provisions of the VermAnlG, the regulation therefore does not apply in relation to the issuer or provider with respect to the filing of transparency documents, but rather to the operator of the internet platform. As an authorized crowdfunding service provider under the ECSPR, the latter is obliged to check the necessary documentation for each such offering, the so-called key investment information sheet (KIIS), for completeness, accuracy and clarity and to report any deficiencies to the promoter, who is responsible for preparing the KIIS, which is a maximum of 6 DIN A4 pages long, and to work towards correcting it. In contrast, when issuing a subordinated loan in accordance with the VermAnlG, for example, the issuer or provider of such a funding must prepare an investment information sheet no longer than 3 DIN A4 pages and file it with BaFin. With the appropriate authorization, it is possible to provide both crowdfunding under ECSPR as a crowdfunding service provider and as an operator of an Internet service platform within the meaning of the VermAnlG. Of course, it is not possible to offer crowdfunding issued in accordance with the VermAnlG in other European countries. However, this possibility exists under certain conditions for crowdfunding issued under ECSPR.

              Attorney Dr. Konrad Uhink

              The lawyer responsible for providing advice on crowdfunding under ECSPR as well as under the Asset Investment Act in our law firm is attorney Dr. Konrad Uhink.


                May 27, 2024

                Reverse Solicitation – Does MiCAR also Apply to Crypto Service Providers from Third Countries?

                From December 30, 2024, crypto service providers in Europe will only be allowed to provide crypto services with a MiCAR license. The companies affected must already prepare now for the new rules to apply and ensure that they will be able to offer their crypto services in the future on the basis of the authorizations that will then be required and in compliance with all applicable compliance obligations. However, MiCAR will also bring advantages for European crypto service providers. In particular, the European crypto market will no longer be a regulatory patchwork under MiCAR. The standardized supervision of crypto service providers in Europe means that passporting will also be possible. Under MiCAR, crypto service providers will therefore be able to use a MiCAR license granted to them in one member state to provide services in other EU member states without having to obtain further authorization there, provided they have gone through a comparatively simple notification procedure with the supervisory authority of the target country. But what is the new regulatory situation under MiCAR for crypto service providers from third countries? Will they be able to serve European customers without MiCAR authorization as long as they do not actively solicit such customers?

                Passive Freedom to Provide Services is to be Severely Restricted under MiCAR

                MiCAR expressly allows companies from third countries without a MiCAR license to provide crypto services in cases where the service is used exclusively at the instigation of the client without any action on the part of the company. However, in its consultation paper published in January 2024, ESMA, which was tasked with specifying the provision, made it clear that this exemption should be interpreted very restrictively. ESMA emphasizes that the so-called reverse solicitation, which is an exception to the principle of the permission requirement, is actually a ban on actively approaching clients, which should only allow unlicensed companies from third countries to serve clients from Europe in individual cases within very narrow limits if the business initiation takes place on the client’s initiative. ESMA further states that, when interpreting the provision on the passive freedom to provide services, the national competent supervisory authorities should take into account that crypto service providers from third countries will attempt to systematically offer crypto services in Europe on the basis of the exception for reverse solicitation. In ESMA’s opinion, this possibility should not be granted by the interpretation of the provision.

                According to ESMA, Authorized Reverse Solicitation Should Not Be a Free Pass for Unlicensed Crypto Services

                ESMA therefore further restricts the possibility of reverse solicitation under MiCAR in its consultation paper by clarifying that crypto service providers from third countries may only provide their services on the basis of the exception in a very short time window. In particular, in the case of an authorized service provision, they will not be permitted to offer further crypto services to the customer acquired due to the fulfillment of all requirements of the passive freedom to provide services. This restriction is expressly provided for in the MiCAR exception to reverse solicitation itself. The opportunities for companies from third countries to serve European customers are thus limited to a minimum under MiCAR. For crypto service providers from non-EU countries, this means that they should either acquire a MiCAR license via a branch in Europe or create internal processes for handling customers from Europe. The only alternative would be to generally refuse to accept European customers without exception in order to avoid the risk of providing unauthorized crypto services.

                Attorney Lutz Auffenberg, LL.M. (London)

                 The competent lawyer for advice on MiCAR exceptions for the passive freedom to provide services for crypto service providers from third countries in our law firm is Attorney Lutz Auffenberg, LL.M. (London).


                  May 13, 2024

                  The EU Growth Prospectus – Who May Benefit from These Regulations and What Facilitations Are There?

                  In principle, there are various ways for companies to raise capital. The bank loan as a way of raising debt capital and the issue of shares as an equity instrument are probably the classic approaches. If capital is to be raised not via a bank loan, but by issuing securities such as profit participation rights securitized in profit participation certificates, tokenized bonds or in shares, the issuer must generally comply with prospectus requirements when making a public offer to retail investors. In the European Union, these arise primarily from the EU Prospectus Regulation (EU) 2017/1129 and the accompanying regulations. Since the Regulation came into force on July 21, 2019, the EU Prospectus Regulation has also provided for the EU Growth Prospectus as an option for documentation for certain issues. The EU Growth Prospectus promises both simplified content and a smaller scope compared to a “normal” prospectus, and therefore generally lower costs when preparing the prospectus. But who can take advantage of these facilitations and what must be disclosed in terms of content?

                  Growth Prospectus Is Not Only Aimed at SMEs

                  The basic prerequisite for the possibility of fulfilling the prospectus requirement by means of an EU Growth Prospectus is always that no securities of the issuer concerned have yet been admitted to trading on a regulated market. If this requirement is met, issuers can choose this prospectus to fulfill their prospectus obligations if they fall into one of the following categories. Firstly, cases in which the issuer is a small and medium-sized enterprise (SME) are covered. However, the EU Growth Prospectus can also be used for a public offer regardless of whether the issuer qualifies as an SME if the issuer’s securities only have a limited market capitalization. In addition, the rules on the EU Growth Prospectus are also applicable if the issue has a total consideration in the EU over a 12-month period of no more than EUR 20 million and no securities of the company are traded on an MTF and the issuer had no more than 499 employees in the last year. Furthermore, the Growth Prospectus is eligible if the issuer’s shares are already traded on an SME growth market or the issuer has made an application to do so and the total value of the following two items is less than EUR 200 million: (i) the price of the final offer or the maximum price; (ii) the total number of shares outstanding immediately after the public share offer calculated on the basis of either the quantity of shares offered to the public or the maximum quantity of shares offered to the public. In addition, offerors of securities issued by issuers falling under one of the first two categories can also benefit from the EU Growth Prospectus rules. It is therefore not only SMEs that can make use of the EU Growth Prospectus.

                  What Content-Related Facilitations Are There?

                  In terms of content, this type of prospectus is very similar to the old SME prospectus. However, further streamlining has been introduced here by the European regulator. For example, information on the company’s history, employees, competitors and management practices is no longer required. Furthermore, there are simplifications with regard to the presentation of the issuer’s business and financial situation. The special registration document for the EU Growth Prospectus provides for the inclusion of financial information including key performance indicators (KPIs) and financial statements for one year for bonds and two years for shares. Overall, this results in a considerable simplification with regard to the scope of the preparation of an EU Growth Prospectus compared to a “normal” prospectus. This simplification should also be reflected in the costs of preparing the prospectus, so that companies for which this form of prospectus is an option have a real incentive to use the EU Growth Prospectus.

                  Attorney Dr. Konrad Uhink

                  The lawyer responsible for providing advice on capital markets issuances and financing in our law firm is attorney Dr. Konrad Uhink.


                    Apr 29, 2024

                    Crypto Advisory Under MiCAR – Will Referrers Need a BaFin License in the Future?

                    The European Markets in Crypto Assets Regulation (MiCAR) will gradually replace the national regulation of crypto services this year. On December 30, 2024, the rules of the EU regulation will apply to all CASPs in Europe. Thanks to various transitional arrangements, not all of them will require a MiCAR license immediately. However, it already makes sense to plan the transition to the new regulatory regime now. Compared to traditional regulation in the financial services sector, one crypto service that differs significantly under MiCAR is advice on crypto assets. This is because under the current regulation in Germany, investment advice only covers advisory services on transactions relating to financial instruments, including crypto assets. However, advice on crypto assets under MiCAR will go significantly further and, in addition to advice on transactions relating to crypto assets, will also regulate advice on the use of crypto services. This means that from 30 December 2024, anyone who provides customers with personalized recommendations on the use of certain crypto services may themselves be subject to a licensing requirement under MiCAR as a crypto advisor and may have to obtain a BaFin license for this activity beforehand.

                    When Does the Obligation to Obtain Permission for Provider Recommendations Apply?

                    In particular, where crypto service providers advertise the crypto services of third-party providers as part of their own service provision, this may constitute crypto advice in individual cases. This would be conceivable, for example, in cases where a crypto trading platform presents the services of various crypto custodians to its customers or a provider of crypto exchange services presents the use of the services of various portfolio managers for crypto assets. However, in order to trigger the licensing requirement in relation to crypto advice, it is always necessary for personalized recommendations to be made to the customer. It will therefore not be sufficient to simply name several different providers of a crypto service. MiCAR authorization may only be required if an advisory element is added. Therefore, if statements are made that suggest to the customer that a certain crypto service provider is particularly suitable for this customer compared to others, the crypto advice may be in the form of a provider recommendation. However, whether the recommendation to the customer is actually tailored to them, for example by taking their specific portfolio, their investment preferences and their personal risk profile as a basis, should not play a role. Rather, the decisive factor should be how the recommendation is presented from the customer’s perspective. Referrers should therefore exercise caution with statements that are intended to make customers believe that the use of a particular crypto service is a perfect fit for them or meets their specific needs.

                    What Should Referrers of Crypto Service Providers Consider in the Future?

                    Referrers should always take the MiCAR licensing requirement for crypto advice in the provider recommendation variant seriously and design all of their customer communications with this in mind. In all advertising statements relating to the offer of third-party crypto service providers, referrers should ensure that under no circumstances can the impression be given to the customer that the recommendation of the third-party provider was made taking into account the customer’s personal circumstances. The more general the advertising statement, the lower the risk of inadvertently providing crypto advice that requires a license. For influencers who make recommendations via public channels, on the other hand, the risk of providing crypto advice regulated under MiCAR is low, as they cannot make personalized recommendations because their audience is usually unknown to them.

                    Attorney Lutz Auffenberg, LL.M. (London)

                    The competent lawyer for the application of a BaFin license according to MiCAR and structuring of a business model to avoid licensing obligations in our law firm is Attorney Lutz Auffenberg, LL.M. (London).


                      Apr 22, 2024

                      Incorrect Crypto Whitepaper According to MiCAR – What are the Consequences?

                      When the Markets in Crypto Assets Regulation (MiCAR) comes into force on December 30, 2024, the provisions on crypto asset whitepapers contained therein will also become applicable. On this date, providers who publicly offer crypto assets other than asset referenced tokens or e-money tokens must, among other things, prepare and publish a corresponding crypto asset whitepaper and submit it to BaFin as the competent authority in the event of a public offering in Germany. The information contained in the crypto whitepaper must not be incomplete, dishonest, incomprehensible or misleading. The regulations ultimately aim to ensure that the crypto whitepaper contains all the information necessary for the potential investor to make an informed purchase decision. But who would be liable should the crypto asset whitepaper be incorrect in the aforementioned sense?

                      In General, the Provider, the Applicant for Authorization to Trade or the Trading Platform Operator are Liable

                      Firstly, MiCAR stipulates that those who assume responsibility for the crypto-asset whitepaper are also the addressees of any liability for errors in the whitepaper in question. These are either the provider of the crypto asset or the person who has applied for the authorization of the crypto asset for trading or the operator of the trading platform on which the crypto asset is to be traded. Interestingly, the term “issuer” was not included in the scope of the liability addressees on the grounds that this would not be expedient, as there is often no identifiable issuer for this type of crypto asset. In principle, it is stipulated that all of the aforementioned possible responsible parties must be legal entities. As a general rule, they are only subject to limited liability insofar as they are only liable with their company assets. This limitation of liability would also affect liability for an erroneous crypto asset whitepaper, meaning that young companies with a thin capital base that assume responsibility for the whitepaper in question could only have very limited liability. In this respect, claims for damages due to losses caused by erroneous crypto asset whitepapers could well come to nothing.

                      Liability of Members of the Administration Bodies, Management Bodies or Supervisory Bodies

                      For this reason, MiCAR cumulatively also holds the administrative body, management body or supervisory body of the person responsible for the whitepaper liable to the holder of the crypto asset for damages suffered due to breaches of the aforementioned obligations. Specifically, this means that the natural persons in the aforementioned bodies of the legal entities may also be liable for damages caused by an erroneous crypto asset whitepaper. A limitation or even an exclusion of this liability by the general terms and conditions of the person responsible for the whitepaper is excluded by MiCAR itself. A proper and careful preparation of the required crypto asset whitepaper to avoid liability risks for the person responsible for the whitepaper by a law firm specializing in the preparation of MiCAR whitepapers is therefore advisable for all parties involved. This is particularly important as there is no time limit for this type of liability in MiCAR, which is otherwise usual for prospectus and documentation obligations.

                      Attorney Dr. Konrad Uhink

                      The competent lawyer for advice on the preparation of legally compliant MiCAR whitepapers in our law firm is Attorney Dr. Konrad Uhink.


                        Apr 15, 2024

                        Getting Ready for MiCAR – BMF Proposes Two New Regulations for the Transition to MiCAR

                        On 5th of April 2024, the Federal Ministry of Finance (BMF) published two draft regulations intended to effectuate the transition from national crypto regulation to the MiCAR regime, which will finally apply to crypto service providers (CASP) as of 30th of December 2024. Market participants, associations and experts will have the opportunity to submit critical comments on the content of the planned regulations to the Federal Ministry of Finance by 19th of April 2024. With the MiCAR Transit Regulation (MiCAR-TransitV), the Federal Ministry of Finance intends to regulate the use of a simplified procedure for obtaining a MiCAR license as provided for in MiCAR. The draft MiCAR Application Regulation (MiCAR-Antragsverordnung – MiCAR-AntragsV), on the other hand, is intended to define the details of the application process for all application procedures provided for by MiCAR, in particular when which applications for authorization under MiCAR can be submitted by crypto service providers. Both draft regulations find their legal basis in the German Crypto Markets Supervision Act (KMAG), which is also available as a draft version of the Federal Government dated February 7, 2024, but which can be expected to be adopted in the near future in view of the MiCAR, which will already take legal effect as of 30th of June 2024, at least with regard to e-money tokens (EMT) and asset referenced tokens (ART).

                        MiCAR-TransitV Facilitates Obtaining MiCAR License for Investment Firms and Crypto Custodians

                        According to MiCAR, the simplified procedure for obtaining a MiCAR license is intended to benefit companies that already are licensed under national law for the provision of crypto services. In Germany, these are in particular crypto custodians that already hold a BaFin license under the German Banking Act (KWG) and crypto service providers with a BaFin license under the German Investment Firms Act (WpIG) or the KWG, for example for investment brokerage or investment advice in relation to crypto assets, operators of multilateral crypto trading systems, proprietary traders or financial commission agents who trade crypto assets for their own account. The MiCAR-TransitV will specify the content requirements for applications in the simplified procedure in the future. In all cases, the applicant will have to state the specific crypto services for which authorization is being applied for under MiCAR. In addition, the applicant must confirm that its business model has remained unchanged since its authorization procedure under national law and that the information on business organization and company management submitted to BaFin at the time is still up to date. Additionally, the applicant must make adjustments to its business organization with regard to the specific compliance requirements of MiCAR and submit them to BaFin. Finally, an updated business plan must be submitted, showing which crypto services are to be provided in which member states in accordance with MiCAR and how the applicant intends to market them.

                        MiCAR-AntragsV Aims to Regulate Submission Deadlines for All Types of Applications for MiCAR Authorization

                        The MiCAR-AntragsV merely serves to create the possibility of being able to submit applications for authorization as a CASP to BaFin prior to MiCAR taking full legal effect. This is because as long as the provisions of MiCAR do not yet apply with regard to the application – this will not be the case until 30th of December 2024 – an effective legal basis is required for the application. At the end of 2024, the MiCAR-AntragsV will have served its purpose and will therefore cease to apply. Applications for the simplified procedure to be regulated by the MiCAR-TransitV should be able to be submitted as soon as the MiCAR-AntragsV comes into force, which can be expected by summer 2024 at the latest. The MiCAR-TransitV itself should already regulate the expiry date for the possibility of using the simplified procedure and set it at 31st of August 2025. Initial applications for authorization as a CASP under MiCAR, as well as notification applications from credit institutions or investment firms, should be able to be submitted or transmitted from the date on which the MiCAR-AntragsV comes into force. For market participants in Germany, this means that they should start preparing MiCAR-related applications now in order to be able to submit them immediately after the MiCAR-AntragsV comes into force.

                        Attorney Lutz Auffenberg, LL.M. (London)

                        The competent lawyer for the application of a BaFin license according to MiCAR in our law firm is Attorney Lutz Auffenberg, LL.M. (London).
