To print this article, all you need is to be registered or login on Mondaq.com.
DLT, blockchain and security tokens are hot topics among
legal authors and numerous publications have been made to date.
Distributed ledger technology
(“DLT“) is
increasingly used by businesses in different sectors, with many
Fintech start-ups flourishing in Luxembourg and Europe. In
Luxembourg, the Commis sion de Surveillance du Secteur Financier
(the “CSSF“) has over
the last couple of years been contacted by numerous promoters of
projects involving DLT and gained expertise in relation
thereto2, without however releasing
extensive guidelines or analyses, unlike e.g. the
AMF3 or BaFin4.
The Luxembourg legislator has been active in the same period with
some amendments made to its legislation to take into account DLT.
However, we currently see a gap between this new technology which
attracts an increasing number of actors willing to use it and the
absence of clear legislative framework regulating the issuance of
tokens, in par ticular those qualifying as financial instruments
(the so-called security tokens). Nevertheless, Luxembourg law does
not prevent the tokenisation of traditional securities (and more
specifically securities in registered form) which will be the focus
of this paper. The objective of this paper is to draw the attention
on different legal considerations to take into account when
contemplating an issuance of tokenised securities.
As we write this paper5, the
European Commission has finally launched its digital finance
strategy with different proposals that we will briefly touch upon.
This is an important step towards the digital transformation of the
economy and the financial industry and will lead market actors,
regulators and supervisors to work together in order to create a
sound legal framework within the European Union. We can also
anticipate that the launch of the digital finance strategy will
lead to the introduction of new regulations under Luxembourg law
which, one may hope, will create an attractive legal framework for
Fintech actors and will continue to position Luxembourg as a leader
in digital finance in Europe.
I. DLT AND THE ISSUANCE OF TOKENISED SECURITIES
In order to fully understand what entails an issuance of
tokenised securities and distinguish it from an issuance of tokens
only, one must first understand how DLT functions and we consider
that in that context, some clarifications should also be made as
regards the legal terminology associated with DLT (A). We will then
turn to what issuers will need to consider when issuing tokenised
securities, in particular, in terms of securities that can be
tokenised and arrangements necessary for the tokenisation process
to occur (B).
A) General considerations on DLT and legal terminology
To understand the legal issues that companies and issuers may
face when using DLT, it is important to first explain, in
layman’s terms, certain technological concepts and clarify the
terminology which is often not correctly or heterogeneously used
and can lead to confusions if readers are not familiar with this
technology6. The objective of the following developments
is to provide the readers with some useful and simplified
explanations on how DLT and tokenisation work but should not be
viewed as an exhaustive overview of how this technology functions
(1). In the second part of this section, we will attempt to clarify
the legal terminology used in respect of tokens, in particular in
light of the recent proposals of regulation made by the European
Commission (2).
1. A brief introduction to DLT
We will briefly present how the technology works and key
concepts associated with that technology (a) before introducing the
notions of coins and tokens from a technological perspective
(b).
- DLT: DLT is not a new
technology but a combination of existing technologies. Put in
simple terms a DLT is a distributed database or ledger using
cryptography. Blockchain constitutes one specific type of
DLTtarget=_blank7, but it is the DLT most frequently
referred to in legal publications8 because it is the
most simple and common form of DLT. For the purposes of this paper,
we will use the term “DLT” rather than
“blockchain” when referring to the underlying technology
in general, however, our analysis will mainly focus on blockchain
technology. DLT has become more popular among businesses in recent
years because its functionalities permit to ensure the
immutability, security and decentralisation of data. How does it
work?
A distributed ledger is maintained on a network that has the
specificity of being decentralised. The first key characteristic of
DLT is indeed that it relies on a decentralised network, which
means that each node9 of the network has a copy of the
ledger and can transfer information to other nodes without having
to go through a central server. In addition to being decentralised,
the network is distributed which is to say that all the servers and
computers of the network are interconnected and can share
information10. The second key characteristic of DLT is
the use of cryptography. The aim of this paper is not to explain in
detail what cryptography is and how it works, but to set out
certain underlying concepts which are essential to understand the
tokenisation process.
First, the concept of hash and hash functions must be
explained. Hash functions permit in essence to transform an
information, transaction or a document into a fixed length series
of numbers and letters which is unique to that information or
document and is called a hash. In other words, the hash is the
fingerprint of a document in the sense that any change in the
content of that document would create a different hash. In a
distributed ledger functioning as a blockchain, a block in the
blockchain contains a large number of transaction data to which a
specific hash is assigned. Each block of the blockchain has its own
hash and the hash from the previous block which thus permits, at
least in theory, to prevent any tampering in the data of the
previous block. To make it more secure and avoid having hackers
tampering the transaction data in one block and recalculating all
the different hashes, consensus mechanisms are put in place by the
participants of the blockchain to agree on the rules to be followed
by the nodes to accept new entries in the blockchain. The Bitcoin
Blockchain for example uses a consensus mechanism called
“proof-of-work” which is “a computational
challenge that is hard to solve (in terms of computing power and
processing time) but easy to verify“11. That
process is often referred to as “mining“.
As it takes some time to resolve the computational challenge (about
10 minutes for the Bitcoin Blockchain), it makes it much more
difficult for hackers to tamper the data and change all the hashes
from the previous blocks as they would need to go through that
proof-of-work process for each previous block. To continue with the
example of the Bitcoin blockchain, it is important to note that
each person, a so-called “miner”, that “produces
a valid proof-of-work in the Bitcoin network receives Bitcoins as a
reward (sort of like a transaction fee), which serves as an
economic incentive to maintain system
integrity12“. However, this consensus
mechanism is not the only consensus that exists. The Ethereum
Blockchain, which is another wellknown blockchain, is currently in
the process of upgrading its blockchain with Ethereum 2.0 which
will use the consensus mechanism called
“proof-of-stake”13. With proof-of-stake, the
probability to validate a new block does not depend on your
computing power but on how much stake or amount of cryptocurrencies
(e.g. Ether) you have14. The more cryptocurrencies you
have deposited to validate a new block the more likely you are to
validate the new block and get the transaction fee. If the new
block is fraudulent15, then the validator will lose the
cryptocurrencies deposited. With proof-of-stake, the terminology is
slightly different and instead of miners and mining, the terms
validators and minting or forging a new block are being used.
Distributed ledger technologies other than blockchain use other
consensus mechanisms but they are beyond the scope of this
paper.
Another concept to present is the concept of digital
signature. Digital signatures are an essential part of
cryptography as they permit to authenticate and identify the sender
of information within the DLT while encrypting the data that is
being sent. DLT is based on asymmetric cryptography which means
that the digital signatures used by DLT correspond in fact to a set
of two keys: a public key which is known by all the participants of
the network and therefore permits to identify the sender of
data16, and a private key which is personal to each
individual user and is used to sign and encrypt the data sent to
the network17. Each public key is uniquely linked to a
private key by a mathematical algorithm. Thus, a public key
uniquely corresponds to a given private key. To give an example, a
user A willing to send a message or information to a user B will
send such message or information in an encrypted form using its
private key and the public key of user B, and user B will in turn
be able to decrypt the message with its own private key and user
A’s public key. User A does not need to know the private key of
user B to send its message and no central counterparty is required
to validate the transaction. The transaction between A and B will
be validated by the participants to the blockchain through the
relevant consensus mechanism and will then be added to a block of
transactions that all participants to the blockchain will include
in their own record or copy of the blockchain.
It is therefore essential that public and private keys be kept and
stored safely by each individual user, especially private keys
since it is not possible from a technical perspective to recreate
the private key with the public key. This is the reason why wallet
service providers offer a number of services in relation to public
and private keys, and in particular, for their safe custody. As
explained by the European Securities and Markets Authority
(“ESMA“), in its advice on initial coin
offerings and crypto-assets dated 9 January 2019, “digital
crypto-asset wallets are used to store public and private keys and
to interact with DLTs to allow users to send and receive
cryptoassets and monitor their balances. Crypto-asset
wallets come in different forms. Some support multiple
crypto-assets/DLTs while others are crypto-asset/ DLT
specific“18. As further discussed in section
II) A)2.b) below, it is therefore crucial to ensure that wallets
are compatible with the underlying blockchain and the smart
contract generating the tokens. It is also important to clarify
that a wallet used in the context of a blockchain does not contain
the tokens held by a particular user but only his or her public and
private keys.
With this brief overview of the technology, the concepts of coins
and tokens can be introduced. - Coins and tokens:
coins and tokens should not be used interchangeably as there is a
technological difference between them19. A coin
is an asset or unit of value that is native from a specific
blockchain, such as Bitcoin which is the coin native from the
Bitcoin Blockchain or Ether for the Ethereum Blockchain.
Tokens on the other hand do not have their own blockchain
and are built on top of existing blockchains. They are generated
and created through a smart contract that is built on the
blockchain and permits to automatically execute transactions in
accordance with the smart contract code. A smart contract is a
computer programme that enables the creation, transfer and
cancellation of tokens (see further in section I)B)2.a) below). A
large number of tokens have been issued on the Ethereum Blockchain
which has developed certain standards of tokens such as the
“ERC-20 tokens”. ERC-20 tokens are only one of the many
forms of tokens that exist on the Ethereum Blockchain, and other
standards of tokens exist on other blockchains. Each standard of
tokens has its own specific rules and functions, which makes them
compatible with different wallets or crypto-exchanges supporting
these standards20. In light of the increasing attention
of regulators worldwide to regulate the issuance of tokens, and in
particular security tokens, it is worth mentioning that a new
standard ERC-1400 has been developed on the Ethereum Blockchain to
integrate additional functionalities specifically dedicated to
security tokens and permitting for example to regulate the holding
period, to whitelist and restrict the sale of tokens to
non-accredited investors or put a threshold on
transactions21.
Finally, one should keep in mind that in order to transfer or
effectuate transactions relating to tokens, a certain number of
coins will be needed as transaction fees. For example, on the
Ethereum Blockchain, a certain amount of Ethers will be used to
“fuel” transactions on the Ethereum
Blockchain22 in order to send a token from one wallet to
another wallet. This shows that tokens and coins are not the same
thing and should therefore be distinguished.
With these clarifications on how blockchain technology functions
and the role of coins and tokens, we can turn to the legal analysis
of the different types of instruments based on DLT.
Click here to continue reading …
Footnotes
1. The views expressed in this paper are
those of the authors and do not necessarily reflect the views of
the law firm Elvinger Hoss Prussen, société
anonyme.
2. CSSF Annual Report 2019, p.32
(https://www.cssf.lu/en/2020/09/publication-of-the-cssfs-annual-report-2019).
3. Autorité des marchés
financiers, the financial regulatory authority for France (see in
particular, “Synthèse des réponses à la
consultation publique portant sur les Initial Coin Offerings (ICO)
et point d’étape sur le programme
“Unicorn””
(https://www.amf-france.org/fr/actualites-publications/consultations-publiques/synthese-des-reponses-la-consultation-publique-portant-sur-les-initial-coin-offerings-ico-et-point)
and “Etat des lieux et analyse relative à
l’application de la réglementation financière aux
security tokens “
(https://www.amf-france.org/fr/actualites-publications/actualites/analyse-juridique-sur-lapplication-de-la-reglementation-financiere-aux-security-tokens-et-precisions).
4. Bundesanstalt für
Finanzdienstleistungsaufsicht, the financial regulatory authority
for Germany (see in particular, “Initial Coin Offerings:
Advisory letter on the classification of tokens as financial
instruments”, 28 March 2018
(https://www.bafin.de/Shared-Docs/Downloads/EN/Merkblatt/WA/dl_hinweisschreiben_einordnung_ICOs_en.html;jsessionid=549E6A96822084BE260F9
8A148143973.2_cid393?nn=11089708) and “Second advisory
letter on prospectus and authorization requirements in connection
with the issuance of crypto tokens”, 22 November 2019
(https://www.bafin.de/SharedDocs/Downloads/EN/Merkblatt/WA/dl_wa_merkblatt_ICOs_en.html).
5. This paper was written as of 10
October 2020.
6. J. Lee and F. L’heureux, “A
Regulatory Framework for Cryptocurrency”, European
Business Law Review 31, no.3 (2020): 423-446, paragraph
4.1.2.
7. For completeness, we note that two
main categories of distributed ledgers exist: the private or
permissioned blockchains, which put certain conditions to access
the network and to become a node, and the public or permissionless
blockchains, which can be accessed by anyone.
8. G. Cywie, “La numismatisation de
l’économie”, Droit du financement de
l’économie, Legitech, December 2018 ; G. Canivet,
“Blockchain et régulation”, Semaine Juridique
– Entreprises et Affaires n°36, 7 September 2017 ;
D. Legeais, “Blockchain”, Jurisclasseur Commercial,
March 2017 ; G. Kolifrath, M. Goupy, “Blockchain : les
enjeux en droit français”, Revue internationale des
services financiers, 2017, n°4, pp.19-24 ; M. Melki,
“Les mystères de la blockchain”, Recueil
Dalloz, 2 November 2017, n°37 ; B. Barraud,
“Les blockchains et le droit”, Revue Lamy Droit de
l’immatériel, April 2018.
9. A node is a participant to the network
which may take several forms such as a server, a computer or even a
smartphone.
10. A. Tordeurs, “Une approche
pédagogique de la Blockchain”, Revue internationale
des services financiers, 2017, n°4, pp.8-18.
11. World Bank Group, “Distributed
Ledger Technology (DLT) and Blockchain”, FinTech Note
No.1, 2017, p.6.
12. Ibid, World Bank Group,
“Distributed Ledger Technology (DLT) and Blockchain”,
FinTech Note No.1, 2017, p.6.
13. For further details on the concepts
of “proof-of-work” and “proof-of-stake”, see
for example, A. Pinna, W. Ruttenberg, “Distributed ledger
technologies in securities post-trading”, European Central
Bank, Occasional Paper Series No. 172, April 2016, paragraph
2.3.
14. Additional criteria in fact come into
play to determine which users will be able to participate in the
forging process of a new block, including in particular the methods
of “randomised block selection” and “coin age
selection”. These two methods (which we will not explain in
this paper as it would be too technical) permit to avoid a
situation where the consensus mechanism would rely solely on the
wealth of the different nodes of the network, which could cause
some issues if certain nodes were to own large stakes of coins.
15. This may occur in the event that the
new block contains illegitimate or invalid transactions or if there
is an attempt to create a fork. In such cases, the network will not
validate the new block.
16. Because the public key is the only
one known to the entire network, it is often referred to as the
“blockchain address”.
17. For additional developments, see for
example, Ibid, A. Tordeurs, “Une approche pédagogique
de la Blockchain”, Revue internationale des services
financiers, 2017, n°4, pp.13-14 ; Ibid, World
Bank Group, “Distributed Ledger Technology (DLT) and
Blockchain”, FinTech Note No.1, 2017, pp.8-9.
18. ESMA, “Advice on Initial Coin
Offerings and Crypto-Assets”, 9 January 2019, paragraph
25.
19. “Token vs Coin: What’s
the Difference“
(https://www.bitdegree.org/tutorials/token-vs-coin/).
20. “Security Tokens – An
ERC-Standards Comparison”, microbo Market Research,
December 2018
(https://medium.com/@micobo/security-tokens-an-erc-standards-comparison-919e7c379f37).
21. “Security Token Standard ERC
1400 – tokenization of assets”, Bitcademy, 1 May 2019
(https://medium.com/@bitcademyfb/security-token-standard-erc-1400-tokenization-of-assets-f92ba6ee6b85).
22. The term “gas” is also used
to refer to the payment of a transaction fee.
This article was first published in Bulletin Droit &
Banque, n°67, ALJB, December 2020, pp. 29-53.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
