October 20, 2020 | Jon Hautamäki

Cryptos & Fintech

The EU Commission’s First Draft on a Cryptocurrency Regulation

In the middle of September, we covered in an article that the EU Commission had preliminary plans for new EU-wide regulations concerning cryptocurrencies. A couple days later a draft of the planned regulation was leaked, and the new draft regulation covers the offering of new cryptocurrencies, broadly all kinds of cryptocurrencies including stablecoins as well as crypto-asset service providers.

The Commission plans to carry out the new regulation as an EU Regulation which means that it will be directly applicable in all member states without separate implementation. According to the Commission, it is important that the regulation is the same in every member state because most cryptocurrencies are not covered by the EU regulations on financial instruments. The new regulation improves the position of crypto-asset service providers by preventing market abuse as well as by securing and harmonizing the position of cryptocurrencies on the EU-market. In addition, the regulation will improve consumer protection by provisions concerning customer funds and obligations to disclose information. The regulation will also support innovation and fair competition in the cryptocurrency field.

The draft regulation applies the following definition of a crypto-asset:

[C]rypto-asset means a digital representation of value or rights, which may be transferred and stored electronically, using distributed ledger or similar technology

This definition corresponds to a large extent to the definition found in the Finnish Act on Virtual Currency Providers and the only difference is the specific inclusion of distributed ledger technology.

Offering a new cryptocurrency

According to the draft regulation’s Article 4, the issuer of crypto-assets must publish a whitepaper on the crypto-asset. In short, the whitepaper is a lightened version of a prospectus. The whitepaper must include information on the issuer and on the main participants involved in the project as well as a detailed description of the new crypto-asset, the whole issuing project and the obligations and rights related to the crypto-asset. The whitepaper must also include information of the underlying technology used in the crypto-asset as well as information on how the crypto-asset is stored and what risks the crypto-asset will have.

The whitepaper must be submitted to the competent authority which in Finland will most likely be the FIN-FSA at least 20 working days before its publication but publishing the whitepaper does not require permission from the competent authority. The competent authority can demand that the issuer makes amendments to the whitepaper or even suspend the offering of crypto-assets.

According to the draft regulation, the issuer must be a legal person and act honestly, fairly and professionally, communicate with the holders of crypto-assets in a fair, clear and not in a misleading manner as well as maintain all of its systems and security access protocols to appropriate EU standards.


In the draft regulation stablecoins – e.g. cryptocurrencies tied to the value of fiat-currencies – are divided to two categories: asset-referenced token and electronic money token.

Asset-referenced token is defined as a type of crypto-asset whose main purpose is to be used as a means of exchange and that purports to maintain a stable value by referring to the value of several fiat currencies, one or several commodities or one or several crypto-assets, or a combination of such assets.

Electronic money token is defined as a type of crypto-asset whose main purpose is to be used as a means of exchange and that purports to maintain a stable value by being denominated in (units of) a fiat currency.

If the stablecoin meets certain criteria for example significant market value, transaction amounts or size of the customer base, the stablecoin can be classified as significant which leads to stricter oversight and regulation.

The issuer of an electronic money token must register as an electronic money institution if the value of the issued tokens exceeds five (5) million euros in a calendar year and the tokens are marketed to other investors than a limited group of qualified investors.

The issuer of an asset-referenced token must fulfill for example a minimum capital requirement, requirements pertaining to the governance of the issuer as well as requirements concerning customer funds and stabilization mechanism(s).

Crypto-asset service providers

The draft regulation contains general provisions pertaining to crypto-asset service providers as well as service-specific provisions. The draft regulation’s registration covers the whole EU and thus the crypto-asset service provider can offer and market their services in the EU after the national registration and the notification concerning the offering of services. Thus, the draft regulation demands that the crypto-asset service provider notifies to the registration state’s competent authority in which member states and from what date the services are offered. The crypto-asset service provider can offer their services after at least 15 days have passed from giving the notification to the competent authority. The European Securities and Markets Authority (ESMA) will establish a register of all crypto-asset service providers.

The crypto-asset service providers must fulfill a service-specific prudential requirement that can be fulfilled with own funds or an insurance policy that covers all the EU member states where the crypto-asset service in marketed. The members of the management body of the crypto-asset service providers must fulfill so called fit & proper requirements in line with the current Finnish legislation. In addition, the crypto-asset service provider must have a business continuity plan, a risk assessment as well as internal control mechanisms and safeguards for the loss of information and the interference or complete disruption of the IT systems.

The crypto-asset service providers must also safeguard its clients’ funds for example in a credit institution as well as ensure that the funds are held separately identifiable. Information and especially marketing information provided to clients must be clear, accurate and non-misleading. The clients must be able to file complaints with a clear standard template as well as for free and the crypto-asset service providers must investigate the complaints in a timely and fair manner. Crypto-asset service providers must also maintain and operate an effective policy to prevent conflicts of interest.

One of the most significant provisions in the draft regulation is that crypto-asset service providers providing crypto-asset custody services are liable to their clients for loss of crypto-assets as a result of malfunction or hacking up to the market value of the crypto-assets lost.

Crypto-asset trading platforms must ensure a fair and orderly trading as well as ensure that its IT systems are properly safeguarded. Trading platforms must also publish a firm price of the crypto-assets or a method for determining the price of the crypto-assets they propose for exchange against fiat currency or other crypto-assets.


According to the draft regulation, the Commission is also trying to prevent market abuse involving crypto-assets. The provisions are not as strong or comprehensive as the EU Regulation on Market Abuse but the provisions define and prohibit insider dealing and unlawful disclosure of inside information as well as market manipulation.

The most important points of the draft regulation can be summarized as follows:

– An obligation to publish a lightened version of a prospectus (whitepaper) of a new crypto-asset.
– Stablecoins are divided to two categories and they are regulated heavily.
– The crypto-asset service providers register EU-wide and the requirements for registration are slightly tightened compared to current Finnish legislation.
– The Commission tries to prevent market abuse involving crypto-assets.

The draft regulation is very comprehensive and the integration of the crypto-asset market in the EU eases preventing malpractice and enables the removing of service providers that operate without registration.

Based on the current draft regulation it can be concluded that the provisions concerning crypto-asset services providers do not differ that much from the current Finnish legislation but it is clear that the regulations concerning cryptocurrencies will significantly change during next few years.

Our Trainee Johannes Lottonen took part in writing of this article.

20.10.2020 JON

Nordic LawPioneer in Web3 and Fintech law