Content
More than 90 percent believe that the currencies underpinned by blockchain will greatly impact business in the next few years. For years, the cryptocurrency sector has asked the U.S. for a clearer regulatory framework. Implementation of the Consumer Duty – The FCA will likely continue to push to Proof of work embed the Consumer Duty across payments firms.
Corporate Governance and Remuneration Policy
To become a control agent under Blockchain Law IV, the Luxembourg or EU institution or firm concerned will have to notify the CSSF at least two months in advance and provide relevant information showing that it has the necessary resources and expertise to perform its role. Given the significance of its role, the control agent will be subject to organisational requirements to ensure it possesses the necessary resources and structure to assume its responsibilities. The role of control agent can be performed by (i) a settlement organisation or (ii) a Luxembourg or other EU credit institution or investment firm. This will now not be necessary with the introduction of the new role https://www.xcritical.com/ of the control agent, which will no longer act as a top-tier custodian. This means that the securities issued can be booked directly with a variety of custodians without having a (sub-)custody relationship with the control agent.
Get the latest from KPMG Regulatory Insights
The rule thus is an equal balance between regulatory compliance and innovation in crypto. DLA Piper is a global law firm operating through various separate and distinct legal blockchain payments entities. For further information about these entities and DLA Piper’s structure, please refer to the Legal Notices page of this website. Granted licenses are effective since 30 December 2024 and are included in AFM’s online register here. Crypto companies already registered with DNB under the previous regime may make use of the transitional period and must obtain a CASP license by 30 June 2025. As EMTs should be deemed to be electronic money under the EMD II, their issuers should comply with the relevant requirements set out in that Directive.
Sustainability and Responsible Banking
VARA mandates that all VASPs obtain licenses to operate, ensuring adherence to local laws. Virtual Asset Service Providers (VASPs) in Ireland have been required to register with the CBI for AML/CFT (Anti-Money Laundering/Countering the Financing of Terrorism) purposes and comply with ongoing AML/CFT obligations. The registration process also involves multi-stage pre-application and application phases, supported by the CBI’s Instruction VASP Manual and Guidance Note. As with ARTs and EMTs, comprehensive and high-quality applications will benefit the applicant. The authorisation requirement is subject to some derogations (eg offer addressed solely to qualified investors or below EUR5 million). This is a piecemeal and reactive way to respond to blockchain and is likely to result in many bumps and challenges as bad actors find ways to avoid tools and a technological “arms race” continues.
Blockchain: The Regulatory Challenges for Central Banks and Financial Sector
GAO found gaps in regulatory authority over two blockchain-related products that raise consumer and investor protection and financial stability concerns. Blockchain has evolved beyond cryptocurrencies, becoming a critical tool for transparency and efficiency across industries. Financial institutions like JPMorgan Chase have adopted blockchain for real-time settlements, processing over USD 1 billion through its JPMCoin platform.
In fact, part of its attraction seems to stem from a perceived lack of regulation as rules are often considered as hampering innovation. As with cryptocurrencies, regulators have been slow to respond to the questions surrounding the application of existing regulations or the introduction of new ones. Contrary to popular it isn’t a legal black hole as authorities around the world have issued rules or statements that indicate how they will treat services and solutions based on distributed ledger technology (DLT). We have compiled a list of relevant measures with regard to Blockchain regulation in financial services and related areas. We will continue to add new measures as they are published to make this a living document.
National competent authorities may request amendments to or the inclusion of additional information in the white papers. If MiCA-requirements are not met, they may suspend or prohibit an offer to the public. GAO was asked to study the regulation of blockchain-related financial products and services. Among other objectives, this report examines regulatory gaps and coordination in regulating these applications. GAO reviewed and analyzed government and industry reports, government guidance and speeches, and laws and regulations. The management of Electronic Health Records (EHR) presents challenges in terms of access control and data management.
MiCA further requires offerors and people seeking admission to trading of crypto-assets, ARTs and EMTs, to comply with specific regulatory requirements. They should manage and disclose conflicts of interest, and put in place effective administrative arrangements to ensure their systems and security protocols meet EU standards, as specified by ESMA5. Offerors should also adopt effective arrangements to monitor and safeguard the funds or crypto-assets raised during the offer.
- They provide clear guidelines for businesses, investors, and developers, fostering a conducive environment for blockchain adoption.
- DLA Piper is a global law firm operating through various separate and distinct legal entities.
- Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future.
- We formulated access policies in between Medical Data Owner (MDO) and Medical Data Requester (MDR) within the framework of PBAC and implemented it through smart contracts to streamline the processes of EHR user registration and verification, EHR access requests, and access revocation.
- One example is the “right to be forgotten” granted to each citizen under European regulation, which allows any European citizen the right to have information stored in external databases, either on paper or in electronic format, deleted should they so wish.
For example, crypto assets reached a peak market capitalization of nearly $3 trillion in November 2021. However, recent volatility, bankruptcies, and instances of fraud in these markets illustrate the harm consumers and investors may face without adequate protections. Regulators and industry stakeholders are concerned regulatory gaps may limit regulators’ ability to address risks these products and services pose. Modernizing the financial regulatory system is on GAO’s high-risk list, partly because some entities are not subject to comprehensive regulation.
IT Security and Operational Resilience – Under DORA, PSPs, EMIs, and other financial institutions will face extensive new obligations to enhance IT security. DORA introduces harmonized Information and Communication Technology (ICT) risk management requirements, ensuring financial institutions can withstand and recover from ICT-related disruptions. Key mandates include implementing robust ICT risk management frameworks, reporting significant ICT incidents, conducting regular operational resilience testing, and establishing mandatory contractual terms with third-party ICT service providers. Expanded use of digital payments and crypto and digital assets in combination with broader acceptance of faster payments networks increase the need for defined regulatory authority around key risk areas—all companies in the digital ecosystem must ensure effective controls to mitigate these risks. MiCA provides for a grandfathering regime, allowing entities providing crypto-asset services in accordance with the applicable national law before 30 December 2024 to continue to do so until 1 July 2026 or until they are granted or refused an authorisation by the national competent authority. The Markets in Crypto-Assets Regulation (MiCA) will support innovation while protecting consumers and the integrity of crypto-currency exchanges.
The regulatory landscape in Europe could face substantial transformation with the anticipated adoption of the Third Payment Services Directive (PSD3) and the Payment Services Regulation (PSR). Initially proposed by the European Commission in June 2023, these regulatory measures aim to modernize the EU’s payment services framework by enhancing competition, innovation, and security. As these proposals undergo rigorous debate among various EU stakeholders, they are likely to take effect in late 2026, following an 18-month transition period. Alongside these, the Digital Operational Resilience Act (DORA) will also impose new IT security obligations starting Jan. 17, 2025. Below are some trends that may be expected following the implementation of PSD3, PSR, and DORA. 5.- Legal framework regarding the legal validity of financial instruments issued in blockchains.
This is the case for offers made to fewer than 150 people per EU Member State, that are addressed solely to qualified investors or whose total consideration does not exceed EUR1 million over a period of 12 months. Planet Compliance is the #1 resource for governance, risk and compliance professionals. Each week we send the latest news, industry reports, regulatory guidance and software recommendations direct to your inbox.
Traditional access control methods often lack the granularity required to effectively manage sensitive EHR data as lack of the context or purpose behind each request. Moreover, EHR data is usually located in centralized cloud servers, which poses a significant risk of a single point of failure. Purpose-Based Access Control (PBAC) with blockchain allows for more fine-grained control over access to EHR by taking into account the purpose of the access request which allows for a more tailored approach to the access control of EHR data. This study presents PBAC with blockchain as a solution to address the shortcomings of EHR management.
3.- Regulation regarding interpretation of the “right to be forgotten”, as the “tamper-proof” characteristic of blockchains “clashes” with said right, granted under European regulation to protect personal data. The fact that a blockchain is immutable may represent a problem, as it might conflict with other rights recognized by politicians, governments and/or regulators. One example is the “right to be forgotten” granted to each citizen under European regulation, which allows any European citizen the right to have information stored in external databases, either on paper or in electronic format, deleted should they so wish. Governments will increasingly collaborate with industry stakeholders to develop effective adoption frameworks. These frameworks will address real-world challenges and opportunities in the blockchain space. In South Africa, the FSCA is responsible for overseeing cryptocurrency activities.