Regulation of Cryptocurrency and Initial Coin Offerings (ICOs) in Gibraltar
Gibraltar is one of the jurisdictions at the forefront of ICO regulation and aims to develop Gibraltar as an ICO hub.
Gibraltar’s DLT principles-based regulation
Regulations governing businesses operating in or from Gibraltar which use distributed ledger technology for storing or transmitting value belonging to others (DLT Activities) took effect on 1 January 2018. Firms carrying on a business in DLT Activities, including crypto trading exchanges, need to be authorised as DLT Providers by Gibraltar’s Financial Services Commission (the GFSC).
Gibraltar’s regulatory approach to DLT is outcome-focused, not prescriptive. The GFSC requires DLT Providers to comply with nine principles designed to ensure achievement of desired regulatory outcomes, including investor protection.
The nine principles require a DLT firm to:
- conduct its business with honesty and integrity;
- pay due regard to the interests and needs of each and all its customers and communicate with its customers in a way which is fair, clear and not misleading;
- maintain adequate financial and non-financial resources;
- manage and control its business effectively, and conduct its business with due skill, care and diligence; including having proper regard to risks to its business and customers;
- have effective arrangements in place for the protection of client assets and money when it is responsible for them;
- have effective corporate governance arrangements;
- ensure that all systems and security access protocols are maintained to appropriate high standards;
- have systems in place to prevent, detect and disclose financial crime risks such as anti-money laundering and countering terrorist financing (AML/CFT); and
- be resilient and develop contingency plans for the orderly and solvent wind down of its business.
Proposed ICO regulation
ICOs are not however specifically regulated in Gibraltar, although they may fall within the scope of existing regulation of securities. However, Gibraltar’s Government (HMGoG) and the GFSC issued proposals for the regulation of ICOs in March 2018. The proposals would introduce a requirement for an “authorised sponsor” of all publicly offered ICOs and would regulate the conduct of authorised sponsors, secondary token market operators and token investment and ancillary service providers.
The “Proposals for the regulation of token sales, secondary market platforms and investment services relating to tokens”  propose new legislation to regulate the following activities conducted in or from Gibraltar:
- the promotion, sale and distribution of tokens;
- operating secondary market platforms trading in tokens; and
- providing investment and ancillary services relating to tokens.
The regulations will impose obligations on:
- authorised sponsors of public ICOs;
- secondary token market operators (i.e. crytpo exchanges); and
- token investment and ancillary service providers.
They will not however regulate token issuers or promoters, nor the tokens or technology underlying them. Instead, regulation will be effected by requiring authorised sponsors, crypto exchanges and service providers to comply with new regulations.
The aim of the proposed regulatory regime would be to mitigate the risks associated with token-based crowd financing by requiring full and accurate disclosure of information, imposing rules for the orderly and proper conduct of secondary market platforms and requiring competent professional investment services. GFSC will be the relevant supervisory authority for AML/CFT regulation, and the provisions of DLT regulations will apply to firms covered by the new token regulations.
Public offering of tokens
The first limb of the regulations will regulate the primary market promotion, sale and distribution of tokens that are not securities (which are already covered under existing securities legislation), outright gifts or donations which are conducted in or from Gibraltar. These tokens typically offer commercial products or services (which may not exist at the time of the token sale) and are sometimes referred to as utility or access tokens. Tokens that function solely as decentralised virtual currency  (e.g. Bitcoin) or as central bank-issued digital currency will be excluded from this limb of the regulations. However, hybrid tokens (which have an underlying economic function that is both virtual currency and something else) will be caught.
The activities to be regulated under the first limb are proposed to include activities:
- which purport to be or imply that they are made from Gibraltar;
- are intended to come to the attention of or be accessed by any person in Gibraltar;
- are conducted by overseas subsidiaries of Gibraltar-registered legal persons (in such cases, the Gibraltar person will be liable); or
- are conducted by overseas agents and proxies acting on behalf of Gibraltar-registered legal persons, or on behalf of natural persons ordinarily resident in Gibraltar (in such cases, the Gibraltar person will be liable).
The proposed regulations on the promotion, sale and distribution of tokens will require adequate, accurate and balanced disclosure of information to enable anyone considering purchasing tokens in the primary market to make an informed decision. The regulations may prescribe what, as a minimum, constitutes adequate disclosure, and in what form disclosures are made (e.g. in a key facts document not exceeding 2 pages). The GFSC may publish guidance on the disclosure rules from time to time.
Financial crime provisions
Undertakings that receive, whether on their own account or that of another person, proceeds in any form from the sale of tokens were brought within the scope of the Proceeds of Crimes Act 2015 (POCA) by an amendment that took effect in March 2018. Token issuers are thus already under an obligation to perform AML and CFT checks on token purchasers.
The proposed regulations will establish a regime for the authorisation and supervision of token sale sponsors (authorised sponsors) who will be responsible for compliance with this limb of the regulations. An authorised sponsor will need to be appointed in respect of every public token offering promoted, sold or distributed in or from Gibraltar. Authorised sponsors may be appointed by the Gibraltar promoter or by organisers of the offering, wherever located.
Authorised sponsors will be required to have knowledge and experience of ICOs and mind and management in Gibraltar. They will be allowed to delegate some of their work to others, including offshore parties, but will remain directly accountable to GFSC for the actions of their delegates.
Codes of practice
Authorised sponsors will be required to have in place one or more codes of practice relating to offerings they sponsor. Authorised sponsors are considered to be in the best position to determine best practice for the offerings they sponsor and will be free to apply different codes to different categories of tokens and offerings. Codes of practice may cover matters such as methods for applying and distributing sale proceeds.
A code of practice will have to be incorporated in authorised sponsors’ agreements with their ICO clients. Submission of codes of practice will form part of the application process for an authorised sponsor licence. Prior reporting of amendments to codes of practice will be required and will be treated in the same way as other major business changes.
It is proposed that regulations would specify principles governing the content of codes of practice. Authorised sponsors will be free, subject to approval, to set their own methodologies for implementing the principles.
Registers of authorised sponsors, codes of practice, sponsors’ clients and tokens
GFSC will establish and maintain a public register of authorised sponsors and their codes of practice (past and present).
GFSC will add to the public register the following details of public offerings provided by authorised sponsors of public offerings they are engaged in:
- the client(s) for whom they act;
- the token(s) included in the offering;
- the code of practice applicable to the offering; and
- any interest they, and connected persons, have in the tokens offered.
New Controlled Activity and Offence
A new controlled activity of being an authorised sponsor will be created and it will be an offence to promote, sell or distribute tokens in or from Gibraltar without compliance with:
- the requirement for an authorised sponsor;
- the requirement for a current entry on the public register;
- specified disclosure obligations; and
- relevant provisions of POCA, where applicable.
The promotion, sale and distribution of a public token offering may only be conducted once, and while the offering appears on the register.
Secondary market activities
The proposals include regulation of secondary market platforms operated in or from Gibraltar that are used for trading tokens and, to the extent not covered by other regulations, their derivatives. The regulations aim to ensure that the activities of such markets are fair, transparent and efficient and that organised trading occurs only on regulated platforms.
The proposed regulations will set out requirements for:
- disclosure to the public of data on trading activity;
- disclosure of transaction data to GFSC; and
- specific supervisory actions concerning tokens and positions on token derivatives.
These regulations will cover secondary market trading of all tokenised digital assets including virtual currencies and will be modelled, to the extent appropriate, on market platform provisions under MiFID 2 and MiFIR. GFSC may issue guidance as appropriate.
Authorised secondary token markets
The proposals include adding a new controlled activity of operating a secondary market platform used for trading tokens and their derivatives. GFSC will authorise and supervise secondary token market operators and maintain a public register of such operators.
Investment and ancillary services relating to tokens
The proposed legislation would include a new controlled activity of providing investment and ancillary services relating to tokens in or from Gibraltar and, to the extent not covered by other regulations, their derivatives.
This limb of the regulations is intended to cover advice on investments in tokens, virtual currencies and central bank-issued digital currencies, including:
- generic advice (setting out fairly and in a neutral manner the facts relating to token investments and services);
- product-related advice (setting out in a selective and judgemental manner the advantages and disadvantages of a particular token investment and service);
- and personal recommendation (based on the particular needs and circumstances of the individual investor).
This limb of the regulations will be modelled on similar provisions under MiFID.
Note: The above represents Charltons’ current understanding of the regulation of ICOs in different jurisdictions. Charltons advises only on Hong Kong law and while the above represents our understanding of the legal position in certain other jurisdictions, legal advice from qualified lawyers in the relevant jurisdictions should be sought in relation to any particular transaction or situation. Further, this note is intended for educational purposes and it does not constitute Hong Kong legal advice. Specific advice must be sought in relation to any particular situation.
- HM Government of Gibraltar. “Token Regulation Proposals for the regulation of token sales, secondary token market platforms, and investment services relating to tokens”. 15 March 2018 <http://gibraltarfinance.gi/20180309-token-regulation—policy-document-v2.1-final.pdf>
- FATF “Virtual Currencies: Key Definitions and Potential AML/CTF Risks, Financial Action Task Force”. June 2014. <http://www.fatf-gafi.org/media/fatf/documents/reports/Virtual-currency-key-definitions-and-potential-aml-cft-risks.pdf>