France Telecom: lessons for UK employers following 'institutional harassment' ruling
Out-Law Analysis | 01 Nov 2018 | 10:56 am | 10 min. read
Ten highlights can be pulled from the report by the Cryptoassets Taskforce, a body which was set up in March and which includes representatives from the UK Treasury, the Bank of England and the Financial Conduct Authority (FCA).
Although focused on the seemingly narrow topic of cryptoassets, the Cryptoassets Taskforce's report is about something much bigger than bitcoin, cryptocurrencies and tokens. It shows the approach we can expect the UK government to take to financial technology (fintech) and more broadly technology developments in a post-Brexit world.
The UK must continue to balance making itself an attractive place for financial services and for innovation, while ensuring the legislative and regulatory regimes offer appropriate safeguards against potential consumer harm, instability in financial markets and other risks.
There is a clear indication in the report that the government will be willing to go beyond what is planned by EU policy makers to meet those objectives while still maintaining close alignment with what EU counterparts are doing.
This is evidenced by the government's plans to go beyond the requirements of EU law when implementing new anti-money laundering (AML) and counter terrorist financing (CTF) rules in the UK. As we previously highlighted, the government plans to extend AML controls to cryptoasset exchange services, peer-to-peer platforms, ATMs and "non-custodian wallet providers", even though EU AML laws do not mandate this.
As we look to a future world of quantum computing, 5G connectivity and use of other as yet unforeseen technologies, we can expect the government to keep a close eye on EU developments to ensure that the legislative and regulatory frameworks in the UK do not differ too much from neighbouring countries – if they become too different the compliance burdens on businesses could dissuade companies from setting up operations in the UK. However, it is also clear that the government is prepared to set leading legal and regulatory standards of its own.
The government's focus on going much further than its obligations under the EU's Fifth Anti Money Laundering and Counter Terrorism Financing Directive is a good one. It will help to distinguish innovative businesses committed to doing the right thing from rogue companies complicit in, or happy to turn a blind eye to, the transfer of funds linked to criminal activity.
All legitimate actors within cryptoasset markets understand the importance of robust AML/CTF and 'know your customer' (KYC) processes. With so many regulatory technology solutions and new methods of tracking value and data coming to market, this will be an important step in providing greater legitimacy to innovation which benefits consumers and investors.
Not all cryptoassets are the same. It is vital that the different types of cryptoassets are distinguished from one another from the point of view of ensuring appropriate regulation.
According to the Cryptoassets Taskforce, cryptoassets can be split between three broad categories – exchange tokens, security tokens and utility tokens.
'Exchange tokens', according to the Taskforce, are used to describe cryptocurrencies, like bitcoin, which can be exchanged for another asset – like a product sold by an online retailer – or as a means of investment.
'Security tokens' are considered to be a new form of an existing, regulated, financial instrument in the UK which "may provide rights such as ownership, repayment of a specific sum of money, or entitlement to a share in future profits". Security tokens are often issued through 'initial coin offerings' (ICOs).
'Utility tokens' are defined in the report as tokens that "can be redeemed for access to a specific product or service that is typically provided using a DLT (distributed ledger technology) platform".
Other countries have taken similarly steps to categorise cryptoassets in a bid to distinguish the different types of assets for regulatory purposes. In relation to ICOs, the Swiss Financial Market Supervisory Authority (FINMA) has said, for instance, that there are three types of tokens – payment ICOs, such as cryptocurrencies, utility ICOs and asset ICOs, while the Monetary Authority of Singapore has similarly acknowledged that the "types of digital tokens offered … vary widely" and provided guidance on when tokens issued or offered might be subject to regulation.
While clarifying these essential concepts is a positive start, it is crucial that the UK government and authorities now follow through on the timeframe set out in the Cryptoassets Taskforce's report to take more substantive steps, including the actions committed to in the report. These steps are necessary to clarify how the existing regulatory framework applies to the different types of cryptoassets in operation and how those assets might be regulated in future.
As the Cryptoassets Taskforce has conceded, it can be unclear when cryptoassets are subject to regulation in the UK. It said existing rules did not envisage the new business models and use cases we are seeing with cryptoassets and that there is also "evidence of regulatory arbitrage".
The regulatory picture is complex. Securities laws may apply depending on the conditions on the offer or issuance of tokens, but the Taskforce has acknowledged that firms that issue cryptoassets can sometimes structure those offers to escape regulation. Other regulations can also come into play, such as those that apply to other financial instruments, payment services regulations, consumer protection law and rules applicable to financial promotions.
It is welcome that the Taskforce has confirmed that the FCA plans to consult on new guidance before the end of 2018 "to provide further clarity on the way regulation applies to security tokens". However, even more detailed work is needed to reduce the cost and time legitimate market actors spend in understanding how the regulatory perimeter applies to their business.
For example, there is a lot of complexity around how the EU's Alternative Investment Fund Managers Directive (AIFMD) applies in the context of cryptoassets and uncertainty over how the list of financial instruments within the MiFID II regime should also be interpreted for cryptoassets. In addition, greater clarity is needed on how cryptoassets fit with the UK's collective investment scheme rules. All of these matters require thorough review.
Like other digital objects, cryptoassets can move between countries with speed and ease and without crossing physical borders. It is important, therefore, that regulators work together around the world to ensure that the regulation of cryptoassets is consistent and that there are no 'safe haven' markets or regulatory loopholes for unscrupulous businesses and criminals to exploit.
The importance of this is recognised in the Cryptoassets Taskforce report, which states that UK authorities will continue to engage with counterparts internationally, including through forums such as the G20, G7, Financial Stability Board, Financial Action Task Force and International Organization of Securities Commissions.
The UK can play a significant role in leading regulatory responses towards standardisation – if consumers and investors are to benefit at all there is no doubt that this will only be possible through real efforts put in to coordinating regulatory and technical standards in respect of cryptoassets.
However, while it is welcome that the UK authorities are committed to "promoting a coordinated international response", it is vital that the approach they take delivers effective change.
The work of the new Global Financial Innovation Network (GFIN) will be vital in this respect. Regulators that are part of GFIN need to listen to each other and build on previous work, not undertake parallel exercises which result in similar but different results. Unfortunately we have seen similar but different regulatory regimes emerge across jurisdictions time and again. It is a significant barrier to innovation in financial services.
From volatile fluctuations in the value of cryptocurrencies, to hackers stealing cryptoassets from digital wallets and scammers using initial coin offerings (ICOs) to defraud retail investors, it is clear that consumers attracted by the opportunity to profit from the rise of cryptocurrencies and related assets face real risks when parting with their cash.
As cryptoassets have grown in popularity regulators have warned consumers about the potential harm they may be exposed. In the UK the FCA has largely led on consumer awareness-raising activities by highlight the risks during media appearances and in warning notices, including in relation to ICOs, cryptoasset derivatives, cryptocurrency contracts for difference and investment scams
The Cryptoasset Taskforce used its report to reiterate that the FCA, together with the UK government and the Bank of England, "firmly believe that consumers should approach purchasing cryptoassets with a high degree of caution and be prepared to lose money". It said the authorities will continue to warn consumers of the risks.
However, the report misses an important point, which is that many retail investors are so fed up with the complexity and opacity of other financial products that they are willing to take on significant risks in investing in cryptoassets.
UK authorities need to consider educating consumers about cryptoassets in comparison with other financial products and not in isolation. Simply saying that cryptoassets present extreme risks does not resonate with retail investors who may feel that they have few alternatives which they can understand.
Many of the new digital technologies we have seen emerge in recent times have the simple aim of reducing the inefficiencies associated with financial products and services which result from manual processes and the use, tracking and transferring of paper.
One method that has been explored has been the use of distributed ledger technology (DLT) to 'tokenise' assets and provide a platform for the transfer in their ownership.
The Cryptoassets Taskforce said in its report that "the regulatory status of an asset or activity should not be affected by the use of DLT and the processes of tokenisation"
If the intention of the Taskforce was to confirm that legislation will be amended in the future to remove barriers which continue to require the use of paper as the medium for keeping a record of assets and financial instruments, then that would be welcome.
Providers of 'non-native tokens' and those that intend to use them for real world assets in new and innovative ways should engage in close dialogue with the FCA to flesh out the meaning of what is stated.
The report described native tokens as intangible, non-physical assets that derive their value from the DLT platform, and non-native tokens as those which represent tangible and/or financial assets that exist elsewhere, according to the report.
In the UK, there are specific laws that govern financial promotions, as well as further specific rules on financial promotions that apply to regulated firms only.
The rules for regulated firms require they ensure that their financial promotions are fair, clear, and not misleading, give a balanced impression of the product or service, and that they do not disguise and diminish important warning statements.
Broader rules contained in the Financial Services and Markets Act 2000 prohibit businesses from communicating an invitation or inducement to engage in investment activity unless the promotion has been made or approved by an authorised person or it is exempt.
The rules are generally well understood in the UK, but may not be so obvious to cryptoasset businesses engaging in the UK market from other countries.
The FCA should flesh out how the financial promotions rules apply to specific practices undertaken in cryptoasset markets.
Since the concept of bitcoin first came into the public sphere 10 years ago, the use of cryptocurrencies as part of remittance has been an idea that a number of organisations have explored.
The report by the Cryptoassets Taskforce briefly reflected on this use of cryptoassets, giving the example of how bitcoin might be used as the intermediary in cross-border transactions, such as where British pound sterling is to be exchanged for US dollars.
The Taskforce usefully highlighted that businesses using cryptoassets to facilitate a regulated payment service will fall subject to the UK's Payment Services Regulations (PSRs), giving attention to a little-mentioned aspect of the regulatory perimeter that can apply to cryptoasset businesses. It said that some aspects of the services businesses provide for such transactions could be caught by the money remittance rules in the PSRs, though not "the cryptoasset part of the transaction".
It is to be hoped that this passing reference given to how the payment services rules apply to cryptoassets paves the way for the FCA, through its perimeter guidance consultation, to consider other specific use cases and provide direct guidance in relation to each of them.
Of the three categories of cryptoassets identified in its report, the Taskforce perhaps gave the least amount of attention to 'utility tokens'. This is a shame, because utility tokens have the potential to transform access to many markets, product and services. A lot of discussion needs to take place to assess the potential economic benefit for genuine utility tokens.
A related issue is the status of loyalty schemes run by online retailers or by providers of popular consumer applications. Many of these schemes are not considered 'transferable securities' and do not qualify as 'payment instruments' by virtue of the 'limited network exemption' provided for under the EU's second Payment Services Directive (PSD2).
Looking forward it will be useful for the Cryptoasset Taskforce to consider the principles which underlie the limited network exemption which enable fuel cards, membership cards, public transport cards and others to operate under a different regime to other means of storing value from payment instruments. Reassessing those principles will provide a useful starting point in determining the extent to which businesses can offer tokens that have genuine utility.
Luke Scanlon is an expert in fintech at Pinsent Masons, the law firm behind Out-Law.com.
France Telecom: lessons for UK employers following 'institutional harassment' ruling