Bank of Lithuania Issues Guidelines for Regulating STOs

The Bank of Lithuania, the country’s central bank, has issued guidelines intended to, “provide greater regulatory clarity and aim at higher investor protection,” in the country’s security token offering (STO) market.

Lithuania has been working hard to establish itself as a Fintech leader in the Baltics, and in 2017, 35 Fintechs registered in the region.

In early 2018, Invest Lithuania Managing Director Mantas Katinas promoted the region as a fast avenue to accessing EU markets:

“The Fintech market is very dynamic, and the players are aggressive, so being the first to implement an idea is an invaluable asset. Lithuania can offer startups from non-EU countries access to the European market faster than other EU members.”

Bank of Lithuania board member Marius Jurgilas said the guidelines are designed to “expand” the country’s capacity to host this type of fundraise rather than simply add rules:

“The current focus on security token offerings is taking over the waning interest in initial coin offerings (ICOs). Businesses are interested in this particular way of raising capital as an alternative to bank lending. The Guidelines on Security Token Offering are aimed at explaining our position in this regard rather than creating new regulatory arrangements. In a strict regulatory environment, such as the securities market, it becomes crucial to set rules in order to avoid any miscommunication, misunderstandings and their consequences.”

The guidelines provide “legal qualifications of tokens” and discuss “regulatory implications when tokens qualify as a financial instrument.”

The guidelines also highlight the challenge of an EU member state in regulating digital assets as the await the issuing of harmonized rules by the European Commission.

To quote the document:

“Currently, there is no STO-specific regulatory framework in the Lithuanian or European Union (hereinafter – EU) law . This fact leads to numerous questions whether, and if so, what kind of regulation should be applied in relation to STOs, bearing in mind that the existing rules were not designed having these instruments in mind. Noteworthy, some of the EU Member States (i.e. Malta, France) have introduced the ICOs-specific national regulation, while other Member States consider that certain ICOs might fall within the scope of the existing financial markets legislation.”

The Bank of Lithuania states that these Guidelines are based on the current parameters established by Lithuanian and EU law as the country attempts to bridge the European divide.

While Lithuania appears to classify “crypto-assets” in a similar manner as Switzerland, security tokens are being slotted into traditional financial services law.

With regards to “smart contracts” (code appended to blockchain software designed to modulate transactions), the guidelines ask both buyers and sellers to pay, “particular attention… to the analysis and the assurance of reliability in the processes of development and execution of smart contracts…(because) any smart contract concluded when issuing tokens shall be irrevocable and immutable and that any execution of rights given by the acquired tokens basically depends on the content of the smart contract.”

“Smart contracts” can be tricky to write competently, and there have been some high-profile bug exploitations and accidents.

For instance, in June 2016, hackers stole more than $50 million USD in ethers from Ethereum’s DAO project by exploiting a bug in a smart contract.

In November 2017, a junior developer at Parity tinkered with a smart contract and froze $360 million USD in client funds being store in the company’s wallets. As far as we know, the mdoney is still frozen.

The Bank of Lithuania states that “smart contracts should accurately and explicitly represent the information contained in the published document on the issue of tokens.”

But in practice, this may not be the case.

“Any smart contract will be really ‘smart’ only when it is developed by persons whose competence and experience enable them to assess all significant information when coding the contract.”

The guidelines acknowledge risks implied by “novel” STO markets, including, “tokens markets where limited trading volumes and / or concentrated ownership of certain tokens may raise greater risks of conflicts of interest.”

As well, the guidelines warn that current market abuse regulation (MAR)  may not be able to fully mitigate market manipulation in crypto, which has been extraordinarily common:

“(T)he novel nature of the tokens market could mean that some new abusive behaviours may arise which are not directly captured by the MAR or current market monitoring arrangements. For example, new actors may hold new forms of inside information, such as miners and wallet providers, which could potentially be used to manipulate the trading and settlement of tokens. The application of the MAR might also raise specific issues in the case of decentralised trading platforms, as there may be a lack of clarity as to the identity of the market operator.”

Notably, the guidelines do not, “focus…on… the regulation of collective investment undertakings or on anti-money laundering or counter-terrorist financing issues,” on the apparent basis that these matters are covered elsewhere:

“(T)he BoL believes that all tokens and related activities should be subject to anti-money laundering and counter terrorist financing (hereinafter – AML/CTF) regulation. Market participants are advised to consult the Financial Action Task Force (FATF) Recommendations on International Standards on Combating Money Laundering and the Financing of Terrorism and Proliferation (updated in October 2018).”

Facts and Circumstances (Editor’s Note)

The Bank of Lithuania Guidelines attempts to thread the needle between national (Lithuanian) law, existing EU regulations and what may be coming down the road.

The document outlines applicable recommendations but and also brings to the forefront the regulatory challenges of digital securities and ongoing pressing questions.

As ESMA stated at the beginning of 2019, “crypto-assets need a common EU wide approach to ensure investor protection.”

Today, we are still waiting.

In the end, the guidelines are mere suggestions and not bright-line rules. The Bank of Lithuania includes the following disclaimer:

“These Guidelines should not be treated as an official interpretation of the legislation. The BoL makes decisions taking into account the entirety of actual circumstances which may differ on a case-by-case basis.”

Sponsored Links by DQ Promote



Send this to a friend